IMPLEMENTING INHERITED GRANTS USING SECURE SCHEMAS

    Publication No.: US20250005192A1

    Publication date: 2025-01-02

    Application No.: US18885431

    Filing date: 2024-09-13

    Applicant: Snowflake Inc.

    Abstract: Embodiments of the present disclosure provide systems and methods for using secure schemas to address inconsistencies between standard RBAC rules and the use of inherited grants. A secure schema may be defined that transfers ownership of an object created in the secure schema to a role that owns the secure schema. An inherited grant may be attached to the secure schema, where the inherited grant specifies a permission on a first type of object in the secure schema and a grant of the permission to the role that owns the secure schema. When objects are created in the secure schema, ownership of each of the set of objects is transferred to the role that owns the secure schema to authorize the role that owns the secure schema to manage grants to the set of objects on the secure schema.

    GRANT INHERITANCE IN RBAC
    Invention application

    Publication No.: US20240403477A1

    Publication date: 2024-12-05

    Application No.: US18805286

    Filing date: 2024-08-14

    Applicant: Snowflake Inc.

    Abstract: Embodiments of the present disclosure provide systems and methods for using inherited grants to grant privileges to objects in a container. An inherited grant may be generated that specifies a permission on a first type of object in a container and a grant of the permission to a role. The inherited grant may be attached to the container, wherein the container includes a set of objects of the first type. In response to a first object of the set of objects being referenced via the role, a virtual implied grant may be created based on the inherited grant. Authorization of utilization of the permission on the first object is performed using the virtual implied grant, wherein the virtual implied grant is transient and exists in-memory only for the purpose of authorizing the utilization of the permission on the first object.

    Implementing inherited grants using secure schemas

    Publication No.: US12124602B2

    Publication date: 2024-10-22

    Application No.: US18228546

    Filing date: 2023-07-31

    Applicant: Snowflake Inc.

    Abstract: Embodiments of the present disclosure provide systems and methods for using secure schemas to address inconsistencies between standard RBAC rules and the use of inherited grants. A secure schema may be defined that transfers ownership of an object created in the secure schema to a role that owns the secure schema. An inherited grant may be attached to the secure schema, where the inherited grant specifies a permission on a first type of object in the secure schema and a grant of the permission to the role that owns the secure schema. When objects are created in the secure schema, ownership of each of the set of objects is transferred to the role that owns the secure schema to authorize the role that owns the secure schema to manage grants to the set of objects on the secure schema.

    ACCOUNT REPLICATION INCLUDING SECURITY CONFIGURATIONS

    Publication No.: US20230185931A1

    Publication date: 2023-06-15

    Application No.: US18167607

    Filing date: 2023-02-10

    Applicant: Snowflake Inc.

    Abstract: A request to replicate a first account maintained by a data platform is received. Based on the request, account data associated with the account is accessed. The account data comprises security configurations for the first account. In response to the request, the first account is replicated using the account data. A second account results from replicating the first account. The replicating of the first account comprises automatically replicating the security configurations for the first account to the second account. The replicating of the security configurations comprises replicating an identity management configuration of the first account; replicating an authorization configuration of the first account; and replicating an authentication configuration of the first account.

    Replication of account security configurations

    Publication No.: US11620395B1

    Publication date: 2023-04-04

    Application No.: US17898176

    Filing date: 2022-08-29

    Applicant: Snowflake Inc.

    Abstract: A request to replicate a first account maintained by a data platform is received. Based on the request, account data associated with the account is accessed. The account data comprises security configurations for the first account. In response to the request, the first account is replicated using the account data. A second account results from replicating the first account. The replicating of the first account comprises automatically replicating the security configurations for the first account to the second account. The replicating of the security configurations comprises replicating an identity management configuration of the first account; replicating an authorization configuration of the first account; and replicating an authentication configuration of the first account.
