Outsourcing database to database service providers demonstrates an emerging computation paradigm in many organizations. To meet the requirement of protecting sensitive data from outside providers, a bucket-based storage method is proposed to store the data encrypted. However, this storage method does not address the access control from the inside users, and an inside user may have enough rights to access the query results. In this paper, we propose a simple method to protect sensitive data both from insiders and outsiders on the bucket-based method. The session keys, used to encrypt sensitive data, are stored encrypted with corresponding tuples on remote databases. By constructing the user abilities to decrypt these encrypted keys on hierarchies, only the users in higher hierarchies are allowed to decrypt the encrypted session keys issued in some lower hierarchies. This method combines key distribution with access control and can be applied in the small enterprises where the users are structured in hierarchies.