My organization wishes to get some confidential data uploaded by users in the form of PDF file, that may be password protected. Each user may be given a key/password that he will use to password protect PDF file he will upload. PDF files will be uploaded to the server in a pre-designated folder. Obviously, the password will be stored in the database. PDF folder and user's password may be known to a group of people who work on this project or who use that database. And so anyone of these group members may access that PDF. which is not desired.
What is the solution?