“How can I protect the data stored in my database without having to disconnect it completely from the world?”
If this sounds familiar, then you probably own or are responsible for a piece of sensitive information. You cherish it and understand that it’s to your advantage to keep it safe. At the same time, you would like to share the information with people you trust, even people outside the organization, so that they may put it to good and profitable use.
That the information happens to be stored in a relational database is something you find very convenient: it is easy to connect to the database and query the information using SQL; anyone who has access can analyze it, write reports on it and even build applications with it.
But sharing it safely is far from easy. Laws and regulations of various sorts put limits on how information may be shared. Business requirements change rapidly, so whoever was allowed to access the data yesterday may not be allowed to access it today. Concurrent regulations and/or business needs get combined into increasingly complex and dynamic policies. The granularity of access has also changed, from the database to the table to the row and finally to the cell level. To complicate matters even further, there is an ongoing explosion of data volumes. Changing the way we develop applications from now on can help, but we still need to take care of legacy applications, where retrofitting access policies may turn out to be close to impossible.