Relational databases, and their corresponding management systems, are very popular for storage and access of data. Relational databases are organized into tables which consist of rows and columns of data. The rows are formally called tuples. A database will typically have many tables and each table will typically have multiple tuples and multiple columns. The tables are typically stored on direct access storage devices (DASD) such as magnetic or optical disk drives for semi-permanent storage.
Typically, such databases are accessible through queries in SQL, Structured Query Language, which is a standard language for interactions with such relational databases. An SQL query is received by the management software for the relational database and is then used to look up information in the database tables.
Certain types of data, such as sensitive financial information or data that may have privacy related issues, should be masked at the time of retrieval from the database. Typically, it is preferred that the uncorrupted and unmasked data be stored on the database, as certain applications may need to access the unmasked data, while other applications should only have access to masked data.
For simple data retrieval functions, it is possible to mask the data based upon the presence of a sensitive field in the query at the time that the query is transmitted, indicating sensitive data that should be masked. In other words, the query is sent to the database and then analyzed; upon determining that at least one field should contain masked data, it is possible to substitute the masked data for the actual data that the query would normally return, such that the results of the query feature masked data and not sensitive data. This substitution is possible by storing a function at the database which performs the analysis and substitution “on the fly” at the time of responding to the query.
For complex stored procedures, which are stored at the database and which feature multiple functions, it can be very difficult to detect and correctly handle such fields at the time of responding to the query, which may be buried deep within the stored procedure. On the other hand, stored procedures save query transmission bandwidth and prevent repetitive query transmission, while also permitting greater security and control over queries, so they are generally quite useful, except for the problem of sensitive data. Thus, for such stored procedures, a different method is required, which preserves the utility of stored procedures while also protecting sensitive data.