Just as computers have become more and more prevalent in everyday life, networks of linked computers have become important in distributing information amongst computer users. Many computer systems are organized according to a client/server metaphor. Generally, in client/server computing, end users are each provided with a desktop computer or terminal known as a “client.” The clients are connected using a network to another computer known as a “server”, because its general function is to serve or fulfill requests submitted by clients. Application programs running on the clients prepare requests and transmit them to the server over the network. A ‘network’ of computers can be any number of computers that are able to exchange information with one another. The computers may be arranged in any configuration and may be located in the same room or in different countries, so long as there is some way to connect them together (for example, by telephone lines or other communication systems) so they can exchange information. Just as computers may be connected together to make up a network, networks may also be connected together through tools known as bridges and gateways. These tools allow a computer in one network to exchange information with a computer in another network.
Of particular interest in today's computing environment are relational database applications. Relational DataBase Management System (RDBMS) software using a Structured Query Language (SQL) interface is well known in the art. The SQL interface has evolved into a standard language for RDBMS software and has been adopted as such by both the American Nationals Standard Organization (ANSI) and the International Standards Organization (ISO).
In RDBMS software, all data is externally structured into tables. The SQL interface allows users to formulate relational operations on the tables either interactively, in batch files, or embedded in host languages such as C, COBOL, etc. Operators are provided in SQL that allow the user to manipulate the data, wherein each operator operates on either one or two tables and produces a new table as a result. The power of SQL lies in its ability to link information from multiple tables or views together to perform complex sets of procedures with a single statement.
The power of being able to gather, store, and relate information in database systems and then operate on that information through SQL allows for an almost limitless range of applications for such technology. Together with computer networks, including the Internet, incredible opportunities exist for people and businesses to communicate and to conduct commerce. Concerns arise with these opportunities, particularly with regard to ensuring confidentiality of personal information, sensitive communications, and financial data.
For example, users sometimes are required to input personal information, such as credit card information, for processing within a website. While security techniques may be used during the transmission of the data, within the database receiving and storing the information, the information remains accessible to the database administrator (DBA). A DBA refers to an individual who is responsible for the design, development, operation, safeguarding, maintenance, and use of a database. Unfortunately, the accessibility of the confidential, personal information of a user creates an opportunity for intruders/malicious DBAs to misuse the information.
Accordingly, a need exists for a technique that provides users with a straightforward and flexible manner of protecting confidential information within a database. The present invention addresses such a need.