公开(公告)号：US11374908B2

公开(公告)日：2022-06-28

申请号：US17644854

申请日：2021-12-17

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L29/06 ,  H04L9/40 ,  G06F16/27

Abstract: A network device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences messages, such as replication data, over a channel comprising a plurality of private network nodes. The messages can be generated and encrypted using one or more key pairs and changing wrapping replication keys to send and receive the messages between different types of database deployments.

公开(公告)号：US11223603B2

公开(公告)日：2022-01-11

申请号：US17463338

申请日：2021-08-31

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L29/06 ,  G06F16/27

Abstract: A network device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences messages, such as replication data, over a channel comprising a plurality of private network nodes. The messages can be generated and encrypted using one or more key pairs and changing wrapping replication keys to send and receive the messages between different types of database deployments.

公开(公告)号：US10862873B1

公开(公告)日：2020-12-08

申请号：US16863191

申请日：2020-04-30

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

公开(公告)号：US12235868B2

公开(公告)日：2025-02-25

申请号：US18323155

申请日：2023-05-24

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Laxman Mamidi ,  Subramanian Muralidhar ,  Vishnu Dutt Paladugu ,  Sahaj Saini

IPC: G06F16/00 ,  G06F11/14 ,  G06F11/20 ,  G06F16/11 ,  G06F16/13 ,  G06F16/178 ,  G06F16/182 ,  G06F16/25 ,  G06F16/27

Abstract: A method includes generating at a source account of a database system user, a replication group object (RGO). The RGO includes a manifest identifying one or more data object types and one or more databases. A replication of data objects of the one or more data object types is performed from the one or more databases to a target account of the database system user. The replication of the data objects is performed as a unit. The RGO is replicated as a failover group object (FGO) within the target account of the database system user. A network failure is detected at the source account of the database system user. The target account of the database system user is promoted as a new source account based on the detecting of the network failure.

公开(公告)号：US20250061026A1

公开(公告)日：2025-02-20

申请号：US18937919

申请日：2024-11-05

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Nithin Mahesh ,  Sahaj Saini ,  Matthew Uhlar

IPC: G06F11/14 ,  G06F16/25 ,  G06F16/27

Abstract: This disclosure provides methods and techniques of data replication involving cross replication group (RG) references. The present disclosure avoids automatic replication failing when an entity in an RG refers to another entity external to the RG. The entity to be replicated within the RG is referred to as the “referring entity,” and the entity as the dangling reference is referred to as the “referred entity.” Although the referring and referred entities are not replicated together in a replication operation, the referred entity may have already been replicated to the target account in another replication operation on a different replication group. In such cases, the data replication procedure may, according to aspects of the present disclosure, check if the referred entity has already been replicated, and if so, proceed to replicate the referring entity without fail, and link the referring and referred entities to enable normal functioning of the referring entity.

公开(公告)号：US20240195785A1

公开(公告)日：2024-06-13

申请号：US18582313

申请日：2024-02-20

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L9/40 ,  G06F16/27

CPC classification number: H04L63/0272 ,  G06F16/27 ,  H04L63/0281 ,  H04L63/0435

Abstract: A method includes encoding, by at least one hardware processor, database data in a first portion of a first data file of a plurality of data files. The encoding of the database data is based on a first encryption key. The method further includes encoding the first encryption key in a second portion of the first data file. The encoding of the first encryption key is based on a second encryption key associated with a second data file of the plurality of data files. The method further includes causing transmission of the plurality of data files from a first database deployment to a second database deployment.

公开(公告)号：US11943203B2

公开(公告)日：2024-03-26

申请号：US18055493

申请日：2022-11-15

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L9/40 ,  G06F16/27

CPC classification number: H04L63/0272 ,  G06F16/27 ,  H04L63/0281 ,  H04L63/0435

Abstract: A method includes selecting, by at least one hardware processor of a first database deployment, data for transmission to a second database deployment. The data includes a plurality of files forming a data stream. At least a first file of the plurality of files is encoded using a first encryption key which is stored in at least a second file of the plurality of files. The at least a first file is further encoded to include a second encryption key associated with at least a third file of the plurality of files. A set of nodes is identified in a virtual private network connected to the first and second database deployments. The data stream is transmitted from the first database deployment to the second database deployment via the set of nodes of the virtual private network that is connected to the first database deployment and the second database deployment.

公开(公告)号：US11736438B2

公开(公告)日：2023-08-22

申请号：US17156072

申请日：2021-01-22

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  H04L9/40

CPC classification number: H04L63/0218 ,  H04L63/0236 ,  H04L63/0245

Abstract: Different database deployments, or other data system deployments, may want to communicate with each other without sacrificing security or control. To this end, embodiments of the present disclosure may provide secure message exchange techniques for a source and/or target deployment. Configurable rule sets may be stored in the deployments; the rule sets may define what messages may be communicated between deployments. The deployments may implement a selective filtering scheme in one or more stages based on the rule sets to filter outgoing and/or incoming messages.

公开(公告)号：US20230138110A1

公开(公告)日：2023-05-04

申请号：US17809829

申请日：2022-06-29

Applicant: Snowflake Inc.

Inventor： Lin Chan ,  Tianyi Chen ,  Robert Bengt Benedikt Gernhardt ,  Nithin Mahesh ,  Eric Robinson

IPC: G06F16/14 ,  G06F16/16

Abstract: Techniques for executing show commands are described herein. A plurality of navigation steps is utilized, each navigation step corresponding to a different layer in a database structure and each navigation step including an operator to fetch items from a metadata database up to respective bounded limits. Dependency information is also fetched for objects of the specified object type in the show command. After a set of objects from the last layer are processed, memory for the navigation steps is flushed and the next set of objects are processed.

公开(公告)号：US11539677B2

公开(公告)日：2022-12-27

申请号：US17656620

申请日：2022-03-25

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L9/40 ,  H04L9/08 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.