Understanding MongoDB: Advantages of a Document-Oriented NoSQL Database
What makes the document-oriented NoSQL database MongoDB so special? In our article, we delve into its flexibility, security features, scalability, and more. Here, you’ll find out if MongoDB is the right choice for your next application.
Traditionally, Database Management Systems
Traditionally, database management systems organize data based on the relational model. However, as organizations’ data requirements have evolved, a variety of new types of databases have been developed. These new types of databases often don’t rely on the traditional table structure provided by relational databases, thus allowing much more flexibility than the rigid structure imposed by relational databases. Additionally, they typically don’t use structured query language (SQL), which is commonly used by most relational database systems to allow users to define and interact with data. This has led to many of these new non-relational databases being generally referred to as NoSQL databases.
MongoDB Overview
MongoDB, first released in 2009, is a document-oriented NoSQL database widely used in many modern web applications. This conceptual article provides an overview of the features that set MongoDB apart from other database management systems and make it a valuable tool for various use cases.
Overview of MongoDB
MongoDB is considered a NoSQL database because it doesn’t rely on the relational model. Each database management system is designed around a specific data model that dictates how data is organized within the database. The relational model involves storing data in tables formally referred to as relations, consisting of rows and columns.
In contrast, MongoDB stores its data in structures called documents. MongoDB allows grouping multiple documents into a structure called a collection, and these collections can be further grouped into separate databases.
A document in MongoDB is written in BSON, a binary representation of JSON. Similar to objects in JSON, MongoDB documents start and end with curly braces ({ and }), and they contain a series of field-value pairs, usually in the form of Field: Value. The value of a field can be one of the data types used in BSON or even other structures like documents and arrays.
Security in MongoDB
MongoDB is equipped with a range of features that can help prevent data loss and unauthorized access. Some of these features are also found in other database management systems. For instance, like many modern DBMS, MongoDB allows data encryption during transmission over a network, often referred to as data in transit. This is accomplished by establishing connections to the database using Transport Layer Security (TLS), a cryptographic protocol that serves as a successor to Secure Sockets Layer (SSL).
Similar to other DBMS, MongoDB manages authorization – defining rules for a specific user or group of users to determine what actions they can perform and which resources they can access – through a computer security concept known as role-based access control or RBAC. When creating a MongoDB user, you have the option to assign one or more roles to them.
A role defines the permissions a user has, including the actions they can perform on a specific database, collection, collection group, or cluster. For example, you can assign a read/write role to a user for any database, meaning they can read and modify data in any database on your system as long as you’ve granted them the read/write role for it. One unique feature of MongoDB’s RBAC, compared to other databases, is that MongoDB can define custom roles in addition to its built-in roles, providing even more control over what resources users can access on your system.
Since the release of MongoDB version 4.2, MongoDB supports client-side field-level encryption. This involves encrypting certain fields in a document before writing them to the database. Any client or application attempting to read data in these fields later must provide the correct encryption keys to decrypt the data.
{
"name": "Andreas",
"phone": "555-555-1234",
"creditcard": "1234567890123456"
}
Storing sensitive information like a person’s phone and credit card data in a real-world application could be risky, even if you’ve set restrictions on who can access the database, as anyone with database access rights could potentially access and misuse your users’ sensitive information. However, when properly configured, these fields would appear something like this if written using client-side field-level encryption:
{
"name": "Andreas",
"phone": BinData6,"quas+eG4chuolau6ahjiquifooni1Xa=="),
"creditcard": BinData6,"riev7Xoof1Eidooye3leleOosh6AiB==")
}
The above representation shows that the phone and credit card fields are encrypted and cannot be read directly from the database.
Conclusion
As database requirements continue to evolve, MongoDB offers a flexible, secure, and scalable solution for modern applications. Its document-oriented structure provides unique advantages over traditional relational databases, making it a valuable choice for many use cases. Understanding MongoDB: Advantages of a Document-Oriented NoSQL Database