Database security, privacy, access control, database firewall, data break masking
Recently, information leakage incidents have occurred due to database security vulnerabilities. The administrators in the traditional database access control methods grant simple permissions to users for accessing database objects. Even though they tried to apply more strict permissions in recent database systems, it was difficult to properly adopt sophisticated access control policies to commercial databases due to performance degradations. This paper proposes a database security system including a database firewall server as an enhanced database access control system which can efficiently enforce sophisticated security policies to provide database with confidentiality using a data masking technique for diverse conditions such as the date, time, SQL string, and table columns to database systems.