[摘要] In this thesis, we present a novel approach to database security which looks at queries instead of the database tables themselves. In doing so, we use a number of Semantic Web technologies to define rules, translate queries, and make assertions about compliance with existing policies. We can ascertain compliance without looking at the contents of the database. Our system can function as a drop-in addition to an existing database system, adding additional functionality in a robust manner. The policies are written in the AIR language, and the reasoners and wrapper scripts in C++ and Python. We discuss the design and implementation of this system in detail.