Access control enforcement on query-aware encrypted cloud databases