The application should use an indirect reference map to conceal DB ids and keys from the user and to ensure that unauthorized data elements are not directly referenced by the user.