Serverless and NoSQL Databases in the Cloud: A Systematic Review of Security and Management Techniques
DOI:
https://doi.org/10.63503/j.ijcma.2025.216Keywords:
Serverless Computing, NoSQL Databases, Cloud Security, Access Control, Cloud-native Applications, Data Management, Event-driven Architecture, API Security, Encryption, Cloud InfrastructureAbstract
Cloud computing has shifted the paradigm of design of digital systems towards on-demand access to a scalable resource and encouraging fast innovation. Databases provide efficient data storage, retrieval, and management and are thus fundamental to these systems. Applications are becoming increasingly complex and data diverse, and traditional relational databases and monolithic architectures struggle to meet these demands. Serverless computing and NoSQL databases have emerged as important pillars of cloud-native systems in response and offer unmatched scalability, flexibility, and cost-effectiveness. Serverless computing eliminates infrastructure management, enabling automatic code deployment and scaling, while NoSQL databases offer flexible, schema-less storage for large, unstructured data. Despite their benefits, both technologies pose security risks—serverless environments face issues like insecure APIs and limited runtime visibility, while NoSQL systems are prone to weak access controls and injection attacks. This review outlines the most critical vulnerabilities related to the two technologies and shows the most suitable mitigation measures, such as strong authentication, encryption, least privilege access, and continuous monitoring. It also covers the best practices of operations like performance optimization, autoscaling, data backup, and disaster recovery to build resilience and reliability of the systems. The study offers an in-depth overview of the effective serverless and NoSQL infrastructure protection and management by combining the knowledge of the latest research and real-world models. The results should help developers and organizations to create effective, resilient, and secure cloud-based systems that need to be developed according to the changing technology landscapes.
References
[1] Kaur, “A review paper on cloud computing and privacy problems,” International Research Journal of Modern Engineering, Technology and Science, vol. 3, no. 11, 2021, doi: 10.17577/IJERTCONV5IS23002.
[2] V. S. Thokala, “A comparative study of data integrity and redundancy in distributed databases for web applications,” International Journal of Research and Analytical Reviews, vol. 8, no. 4, pp. 383–390, 2021.
[3] Chaudhari and S. Chitraju, “Achieving high-speed data consistency in financial microservices platforms using NoSQL technologies,” International Journal of Advanced Research in Science, Communication and Technology, vol. 4, no. 2, pp. 750–759, Jun. 2024, doi: 10.48175/IJARSCT-18890.
[4] S. Shah and M. Shah, “Deep reinforcement learning for scalable task scheduling in serverless computing,” International Research Journal of Modern Engineering, Technology and Science, vol. 3, no. 12, Jan. 2021, doi: 10.56726/IRJMETS17782.
[5] H. B. Hassan, S. A. Barakat, and Q. I. Sarhan, “Survey on serverless computing,” Journal of Cloud Computing, 2021, doi: 10.1186/s13677-021-00253-7.
[6] V. K. Thatikonda, “Serverless computing: Advantages, limitations and use cases,” European Journal of Theoretical and Applied Sciences, 2023, doi: 10.59324/ejtas.2023.1(5).25.
[7] Jain, S. James, and A. Chambers, “Serverless computing: A comprehensive survey,” 2025.
[8] S. K. Mondal, R. Pan, H. M. D. Kabir, T. Tian, and H.-N. Dai, “Kubernetes in IT administration and serverless computing: An empirical study and research challenges,” The Journal of Supercomputing, vol. 78, no. 2, pp. 2937–2987, Feb. 2022, doi: 10.1007/s11227-021-03982-3.
[9] V. S. Thokala, “Improving data security and privacy in web applications: A study of serverless architecture,” International Research Journal, vol. 11, no. 12, pp. 74–82, 2024.
[10] S. Ahmadi, “Challenges and solutions in network security for serverless computing,” International Journal of Current Science Research and Review, vol. 7, no. 1, 2024, doi: 10.47191/ijcsrr/v7-i1-23.
[11] J. Kanamugire, F. Alhajri, and J. Swen, “Serverless security and privacy,” 2024, doi: 10.13140/RG.2.2.34691.52006.
[12] S. Bloria, “Evolution and impact of NoSQL databases: A comprehensive review,” International Research Journal of Modern Engineering, Technology and Science, vol. 6, no. 6, 2024.
[13] O. Mishra, P. Lodhi, and S. Mehta, “Document-oriented NoSQL databases: An empirical study,” in Communications in Computer and Information Science. Singapore: Springer, 2018, pp. 126–136, doi: 10.1007/978-981-10-8527-7_12.
[14] N. D. Karande, “A survey paper on NoSQL databases: Key-value data stores and document stores,” International Journal of Research in Advent Technology, vol. 16, no. 2, 2018.
[15] Sethi, S. Mishra, and P. K. Patnaik, “A study of NoSQL databases,” International Journal of Engineering Research and Technology, vol. 67, no. 6, pp. 14–21, 2014.
[16] V. S. Thokala, “Efficient data modeling and storage solutions with SQL and NoSQL databases in web applications,” International Journal of Advanced Research in Science, Communication and Technology, vol. 2, no. 1, pp. 470–482, Apr. 2022, doi: 10.48175/IJARSCT-3861B.
[17] S. Ramzan, I. S. Bajwa, R. Kazmi, and Amna, “Challenges in NoSQL-based distributed data storage: A systematic literature review,” Electronics, vol. 8, no. 5, Art. no. 488, Apr. 2019, doi: 10.3390/electronics8050488.
[18] S. S. S. Neeli, “The significance of NoSQL databases: Strategic business approaches and management techniques,” Journal of Advanced Development Research, vol. 10, no. 1, p. 11, 2019.
[19] Marin, D. Perino, and R. Di Pietro, “Serverless computing: A security perspective,” Journal of Cloud Computing, 2022, doi: 10.1186/s13677-022-00347-w.
[20] J. Al Jarri, D. Alharthi, and M. Alquraishi, “Security implications of serverless computing in the cloud,” Zenodo, vol. 12, no. 3, pp. 1–4, 2024, doi: 10.5281/zenodo.12634327.
[21] H. Khan, “Analysis of role-based access control methods in NoSQL databases,” 2019.
[22] Abadi, A. Haib, R. Melamed, A. Nassar, A. Shribman, and H. Yasin, “Holistic disaster recovery approach for big data NoSQL workloads,” in Proc. IEEE Int. Conf. Big Data, 2016, doi: 10.1109/BigData.2016.7840833.
[23] S. S. S. Neeli, “Serverless databases: A cost-effective and scalable solution,” International Journal of Innovative Research in Engineering, Multidisciplinary Physical Sciences, vol. 7, no. 6, p. 7, 2019.
[24] S. A. and R. Nathiya, “Enhancing advanced model architecture in serverless architecture to improve security,” in Proc. 8th Int. Conf. Trends in Electronics and Informatics (ICOEI), IEEE, Apr. 2025, pp. 653–659, doi: 10.1109/ICOEI65986.2025.11013761.
[25] S. Ferreira, J. Mendonça, B. Nogueira, W. Tiengo, and E. Andrade, “Benchmarking consistency levels of cloud-distributed NoSQL databases using YCSB,” IEEE Access, vol. 13, pp. 63428–63438, 2025, doi: 10.1109/ACCESS.2025.3558923.
[26] Bhatt, S. Sharma, and S. Bhadula, “Security issues in serverless cloud computing architectures,” in Proc. IEEE Int. Conf. Computing, Power and Communication Technologies (IC2PCT), Feb. 2024, pp. 39–43, doi: 10.1109/IC2PCT60090.2024.10486369.
[27] K. Meher, D. Mishra, and A. K. Sahoo, “Exploring flexibility of NoSQL databases in big data environments,” in Proc. IEEE Int. Conf. Applied Electromagnetics, Signal Processing, and Communication (AESPC), Nov. 2024, pp. 1–6, doi: 10.1109/AESPC63931.2024.10872339.
[28] K. Krishan, G. Gupta, and G. S. Bhathal, “Striking the balance: Comprehensive insights into data consistency in NoSQL realms,” in Proc. IEEE Int. Conf. Computing for Sustainable Global Development (INDIACom), Feb. 2024, pp. 715–720, doi: 10.23919/INDIACom61295.2024.10498626.
[29] N. S. Dey, S. P. K. Reddy, and L. G, “Serverless computing: Architectural paradigms, challenges, and future directions in cloud technology,” in Proc. 7th Int. Conf. I-SMAC (IoT in Social, Mobile, Analytics and Cloud), IEEE, Oct. 2023, pp. 406–414, doi: 10.1109/I-SMAC58438.2023.10290253.
