公开(公告)号：US20200233856A1

公开(公告)日：2020-07-23

申请号：US16838301

申请日：2020-04-02

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Martin Hentschel ,  William Waddington

IPC: G06F16/23 ,  G06F16/2455 ,  G06F16/22 ,  G06F21/60

Abstract: A method for a database system includes storing table data for a database, the table data including information in rows and columns of one or more database tables. The method includes storing metadata on immutable storage, the metadata including information about the table data for the database. In one embodiment, mutable metadata may be periodically consolidated in the background to create new versions of metadata files and which allows for deletions of old metadata files and old data files.

公开(公告)号：US20200167497A1

公开(公告)日：2020-05-28

申请号：US16779103

申请日：2020-01-31

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Thierry Cruanes ,  Martin Hentschel ,  Peter Povinec

IPC: G06F21/62 ,  G06F16/25

Abstract: A method for sharing data in a multi-tenant database includes generating a share object in a first account comprising a share role. The method includes associating one or more access rights with the share role, wherein the one or more access rights indicate which objects in the first account are accessible based on the share object. The method includes granting, to a second account, cross-account access rights to the share role or share object in the first account. The method includes receiving a request from the second account to access data or services of the first account. The method further includes providing a response to the second account based on the data or services of the first account.

公开(公告)号：US20250053680A1

公开(公告)日：2025-02-13

申请号：US18928687

申请日：2024-10-28

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Peter Povinec ,  Philipp Thomas Unterbrunner ,  Martin Hentschel

IPC: G06F21/62 ,  G06F21/60

Abstract: A method of preventing queries from accessing database files based on metadata. The method includes determining a first metadata associated with a particular file and a second metadata associated with a changed version of the particular file. The method includes directing, based on the first metadata associated with the particular file, a first query for the particular file to a first file that is associated with the particular file. The method includes preventing a second query for the particular file from accessing the particular file by directing, based on the second metadata associated with the changed version of the particular file, the second query to the changed version of the particular file instead of the particular file.

公开(公告)号：US12158970B2

公开(公告)日：2024-12-03

申请号：US18111821

申请日：2023-02-20

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Peter Povinec ,  Philipp Thomas Unterbrunner ,  Martin Hentschel

IPC: G06F21/62 ,  G06F21/60

Abstract: A method for directing queries to encrypted database files includes acquiring a mapping that links a first encrypted file with a different encrypted file. The first encrypted file is generated based on a first encryption key. The method includes generating, by one or more processors based on the mapping, an updated mapping to link a second encrypted file with the different encrypted file. The second encrypted file is generated based on a second encryption key. The method includes directing, using the mapping, a first query to the first encrypted file when the first query arrives before generating the updated mapping; and. The method includes directing, using the updated mapping, a second query to the second encrypted file when a second query arrives after generating the updated mapping.

公开(公告)号：US20230334166A1

公开(公告)日：2023-10-19

申请号：US18343361

申请日：2023-06-28

Applicant: SNOWFLAKE INC.

Inventor： Benoit Dageville ,  Thierry Cruanes ,  Martin Hentschel ,  Peter Povinec

IPC: G06F21/62 ,  G06F16/25

CPC classification number: G06F21/6218 ,  G06F16/256 ,  G06F2221/2145

Abstract: A method of sharing data in a multi-tenant database includes inspecting, by a processing device of a multiple tenant database, a sharer account to determine an existence of a link between an alias object in a target account and a database, wherein the database is linked to a first role object included in a share object in the sharer account. The method includes granting a second role object, in the target account, access rights to the alias object, wherein the first role object having one or more grants to one or more resources of the sharer account, and wherein the target account accesses the one or more resources using the one or more grants of the share object and using the alias object without at least one of copying the one or more resources or transmitting the one or more resources.

公开(公告)号：US11727136B2

公开(公告)日：2023-08-15

申请号：US17697744

申请日：2022-03-17

Applicant: SNOWFLAKE INC.

Inventor： Benoit Dageville ,  Thierry Cruanes ,  Martin Hentschel ,  Peter Povinec

IPC: G06F21/62 ,  G06F16/25

CPC classification number: G06F21/6218 ,  G06F16/256 ,  G06F2221/2145

Abstract: A method of sharing data in a multi-tenant database includes inspecting, by a processing device of a multiple tenant database, a sharer account to determine a presence of a grant to a second role object, in a target account, of access rights to a first role object included in the sharer account. The method includes granting the second role object, in the target account, access rights to an alias object. The first role object having one or more grants to the one or more resources of the sharer account. The target account accesses the one or more resources using the one or more grants of the first role object and using the alias object without at least one of copying the one or more resources or transmitting the one or more resources.

公开(公告)号：US20220217125A1

公开(公告)日：2022-07-07

申请号：US17656620

申请日：2022-03-25

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L9/40 ,  H04L9/08 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

公开(公告)号：US20220215041A1

公开(公告)日：2022-07-07

申请号：US17703804

申请日：2022-03-24

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Eric Robinson ,  Martin Hentschel

IPC: G06F16/27 ,  G06F16/245

Abstract: Replication and failover of database data is disclosed. A method includes copying a first dataset of a first account stored in a primary deployment to a secondary deployment. The method includes determining that the first dataset stored in the primary deployment is unavailable. The method includes executing a first transaction on the first dataset at the secondary deployment in response to determining that the first dataset stored in the primary deployment is unavailable. The method includes executing a second transaction on a second dataset of a second account at the primary deployment while the first dataset of the first account stored in the primary deployment is unavailable.

公开(公告)号：US11366926B2

公开(公告)日：2022-06-21

申请号：US17559226

申请日：2021-12-22

Applicant: SNOWFLAKE INC.

Inventor： Allison Waingold Lee ,  Peter Povinec ,  Martin Hentschel ,  Robert Muglia

IPC: G06F21/62 ,  G06F21/78 ,  G06F16/245 ,  G06F16/22 ,  G06F21/71

Abstract: Systems, methods, and devices for implementing secure views for zero-copy data sharing in a multi-tenant database system are disclosed. A method includes receiving, by a cross-account, a grant to access a share object comprising a secure view and usage functionality associated with a secure user-defined function (UDF) to underlying data. The method includes accessing, by the cross-account, the share object using the grant. The method includes sending a request to a share component to cause the share component to implement the secure view and the usage functionality associated with the secure UDF. The method includes sending a query to the share component to cause the share component to implement the secure UDF.

公开(公告)号：US11290433B2

公开(公告)日：2022-03-29

申请号：US17219700

申请日：2021-03-31

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  H04L9/08 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.