公开(公告)号：US20240378305A1

公开(公告)日：2024-11-14

申请号：US18316787

申请日：2023-05-12

Applicant: Snowflake Inc.

Inventor： Suraj P. Acharya ,  Jennifer Wenjun Bi ,  Khalid Zaman Bijon ,  Damien Carru ,  Lin Chan ,  Tianyi Chen ,  Jeremy Yujui Chen ,  Thierry Cruanes ,  Benoit Dageville ,  Simon Holm Jensen ,  Boxin Jiang ,  Dmitry A. Lychagin ,  Subramanian Muralidhar ,  Shuaishuai Nie ,  Eric Robinson ,  Sahaj Saini ,  David Schultz ,  Kevin Wang ,  Wenqi Wei ,  Zixi Zhang ,  Xingzhe Zhou

IPC: G06F21/62 ,  G06F21/60

Abstract: Systems and methods for generating object references with selectable scopes are provided. The systems and methods perform operations including calling, by a first entity, a reference generator function using one or more arguments associated with a database object that the first entity is authorized to access according to a first set of access privileges, the one or more arguments comprising a scope definition that defines persistence of a reference. The operations include obtaining, from the reference generator function, a reference to the database object, the reference persisting according to the scope definition. The operations include passing the reference to a second entity to enable the second entity to perform one or more database operations on the database object according to a second set of access privileges derived from the first set of access privileges.

公开(公告)号：US11934543B1

公开(公告)日：2024-03-19

申请号：US18056489

申请日：2022-11-17

Applicant: Snowflake Inc.

Inventor： Jennifer Wenjun Bi ,  Khalid Zaman Bijon ,  Damien Carru ,  Thierry Cruanes ,  Simon Holm Jensen ,  Daniel N. Meredith ,  Subramanian Muralidhar ,  Eric Robinson ,  David Schultz ,  Zixi Zhang

IPC: G06F21/60 ,  G06F21/62

CPC classification number: G06F21/604 ,  G06F21/6227 ,  G06F2221/2113 ,  G06F2221/2141

Abstract: Systems and methods for generating transient object references are provided. The systems and methods perform operations including establishing a session between a first entity and a second entity. The operations include identifying an object that the first entity is authorized to access according to a first set of access privileges. The operations include generating a reference associated with the object. The operations include temporarily authorizing the second entity to access the object using the reference according to a second set of access privileges, the second set of access privileges being derived from the first set of access privileges.