4. MongoDB VS Relational DBMS
RDBMS MongoDB
database database
table collection
row Document (BSON)
column field
Strict schema Schema less
4
5. MongoDB Security Features
• Access Control
• Role Based Authorization
• SSL/TLS Encryption for Data Transfer
• Enterprise Only:
• Encryption of Data Storage
• Auditing
5
6. Access Control
• Disabled by default
• Community Edition supports two Authentication mechanisms:
• SCRAM
• X509 Certificate
6
7. Role Based Authorization
• Users are scoped to a database
• “admin” database is a special database roles scoped to this
database apply to all databases
• Built in Roles:
• read , readWrite , dbAdmin , userAdmin , dbOwner
• readAnyDatabase , readWriteAnyDatabase , dbAdminAnyDatabase , …
7
8. List of practical tasks
• Enable access control
• Create user and grant default roles
• Create collections
• Create roles
• Grant role to user
• Revoke role from user
• Secure connection with SSL
8