公开(公告)号：US20230063911A1

公开(公告)日：2023-03-02

申请号：US17957794

申请日：2022-09-30

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Pui Kei Johnston Chu ,  Benoit Dageville ,  Shreyas Narendra Desai ,  Subramanian Muralidhar ,  Bowen Zhang

IPC: G06F21/62 ,  G06F16/25 ,  G06F16/21

Abstract: Embodiments of the present disclosure relate to sharing database roles using hidden roles. A database role may be generated within a database container having a plurality of data objects, wherein the database role exists exclusively within the database container. A set of grants to a particular subset of the plurality of data objects of the database container may be assigned to the database role. For each of a set of share objects to which the database role is to be granted: a hidden role having no identifier may be created, the database role may be granted to the hidden role, and the hidden role may be granted to a share object. Each of the set of share objects are mounted within a consumer account to generate a set of imported database containers within the consumer account, wherein each imported database container includes an individualized grant of the database roles.

公开(公告)号：US11595399B2

公开(公告)日：2023-02-28

申请号：US17894817

申请日：2022-08-24

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Matthew Glickman ,  Christian Kleinerman ,  Prasanna Krishnan ,  Justin Langseth

IPC: H04L9/40 ,  G06F16/2455 ,  H04L41/22 ,  H04L67/1097 ,  H04L51/212

Abstract: Providing access to consumer information on a private data exchange is described. In an example, privileges are assigned to a share object, granting access to consumer information obtained from a query against data referenced by a data listing of a data exchange. The data exchange comprises one or more data listings provided by one or more data providers. In response to the share object being added to a list of consumed share objects of a data provider that provided the data listing, a database is generated that references the consumer information based on the share object. Access to the database is granted to the data provider that provided the data listing.

公开(公告)号：US11593509B1

公开(公告)日：2023-02-28

申请号：US17885335

申请日：2022-08-10

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Jeremy Yujui Chen ,  Pui Kei Johnston Chu ,  Thierry Cruanes ,  Istvan Cseri ,  Benoit Dageville ,  Unmesh Jagtap ,  Subramanian Muralidhar

IPC: G06F21/62 ,  G06Q30/06 ,  G06F9/445

Abstract: Embodiments of the present disclosure enable users of a data sharing system to build native applications that can be shared with other users of the data sharing system. The native applications can be published and discovered in the data sharing system like any other data listing, and consumers can install them in their local data sharing system account to serve their data processing needs. A provider may define an installation script for installing an application and create a share object to which the installation script may be attached. In response to an imported database being created in a consumer account based on the share object, a native application framework may automatically execute the installation script in the consumer account and may create a set of database roles to manage execution of the application in the consumer account.

公开(公告)号：US11586761B2

公开(公告)日：2023-02-21

申请号：US17537312

申请日：2021-11-29

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Peter Povinec ,  Philipp Thomas Unterbrunner ,  Martin Hentschel

IPC: G06F21/62 ,  G06F21/60

Abstract: A method for encrypting database files includes generating a mapping for a plurality of encrypted files. A first encrypted file of the plurality of encrypted files is encrypted with a first encryption key. The method includes generating a second encrypted file by re-encrypting, for a period of time, data in the first encrypted file using a second encryption key. The first encrypted file remains accessible to one or more queries during the period of time. The method includes updating the mapping to associate the second encrypted file with the first encrypted file. The mapping is updated after the second encrypted file has been generated. The method includes preventing a query from accessing the first encrypted file after the second encrypted file has been generated.

公开(公告)号：US11580245B1

公开(公告)日：2023-02-14

申请号：US17957794

申请日：2022-09-30

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Pui Kei Johnston Chu ,  Benoit Dageville ,  Shreyas Narendra Desai ,  Subramanian Muralidhar ,  Bowen Zhang

IPC: G06F21/62 ,  G06F16/25 ,  G06F16/21

Abstract: Embodiments of the present disclosure relate to sharing database roles using hidden roles. A database role may be generated within a database container having a plurality of data objects, wherein the database role exists exclusively within the database container. A set of grants to a particular subset of the plurality of data objects of the database container may be assigned to the database role. For each of a set of share objects to which the database role is to be granted: a hidden role having no identifier may be created, the database role may be granted to the hidden role, and the hidden role may be granted to a share object. Each of the set of share objects are mounted within a consumer account to generate a set of imported database containers within the consumer account, wherein each imported database container includes an individualized grant of the database roles.

公开(公告)号：US11580070B2

公开(公告)日：2023-02-14

申请号：US17186389

申请日：2021-02-26

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Thierry Cruanes ,  Marcin Zukowski ,  Allison Waingold Lee ,  Philipp Thomas Unterbrunner

IPC: G06F16/172 ,  G06F16/13 ,  G06F16/182 ,  G06F16/22 ,  G06F16/2455

Abstract: A query directed to database data stored across a set of files is received. The query includes predicates and each file from the set of files is associated with metadata stored in a metadata store that is separate from a storage platform that stores the set of files. One or more files are removed from the set of files whose metadata does not satisfy a predicate of the plurality of predicates to generate a pruned set of files. One or more predicates are removed that are satisfied by the metadata of the pruned set of files to generate a modified query.

公开(公告)号：US20230012433A1

公开(公告)日：2023-01-12

申请号：US17933082

申请日：2022-09-17

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Johan Harjono ,  Kunal Prafulla Nabar ,  Steven James Pelley

IPC: G06F16/23 ,  G06F16/2455

Abstract: Systems, methods, and devices for retrying a query. A method includes receiving a query directed to database data and assigning execution of the query to one or more execution nodes of an execution platform, the one or more execution nodes configured to execute the query on a first version of a database platform. The method includes determining that execution of the query was unsuccessful. The method includes assigning a first retry execution of the query to the one or more execution nodes of the execution platform and determining whether a regression or an intermittent fault caused the execution of the query to be unsuccessful based at least in part on whether the first retry execution of the query was successful or unsuccessful.

公开(公告)号：US20220407862A1

公开(公告)日：2022-12-22

申请号：US17894817

申请日：2022-08-24

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Matthew Glickman ,  Christian Kleinerman ,  Prasanna Krishnan ,  Justin Langseth

IPC: H04L9/40 ,  G06F16/2455 ,  H04L41/22 ,  H04L67/1097 ,  H04L51/212

Abstract: Providing access to consumer information on a private data exchange is described. In an example, privileges are assigned to a share object, granting access to consumer information obtained from a query against data referenced by a data listing of a data exchange. The data exchange comprises one or more data listings provided by one or more data providers. In response to the share object being added to a list of consumed share objects of a data provider that provided the data listing, a database is generated that references the consumer information based on the share object. Access to the database is granted to the data provider that provided the data listing.

公开(公告)号：US11494407B2

公开(公告)日：2022-11-08

申请号：US17573550

申请日：2022-01-11

Applicant: SNOWFLAKE INC.

Inventor： Thierry Cruanes ,  Benoit Dageville ,  Allison Waingold Lee

IPC: G06F15/16 ,  G06F16/27 ,  G06F9/50 ,  G06F16/14 ,  G06F16/21 ,  G06F16/22 ,  G06F16/951 ,  G06F16/182 ,  G06F16/23 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/9535 ,  G06F16/2453 ,  H04L67/568 ,  A61F5/56 ,  G06F9/48 ,  H04L67/1095 ,  H04L67/1097

Abstract: Embodiments of the present disclosure relate to systems and methods for executing queries on a database platform. A processing device may execute a first operator in a query plan to process a set of data and generate an intermediate result of a query. the intermediate result of the first operator may be pushed, during execution of the query plan, to a plurality of secondary operators as the intermediate result is generated. Each of the plurality of secondary operators may be initiated to concurrently process the intermediate result to generate a plurality of second results, and a timing of processing of the intermediate result by one or more of the plurality of secondary operators is adjusted to coordinate the generation of the plurality of second results. The processor may execute the final operation on the plurality of second results to generate a final result.

公开(公告)号：US11487893B1

公开(公告)日：2022-11-01

申请号：US17841996

申请日：2022-06-16

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Pui Kei Johnston Chu ,  Benoit Dageville ,  Shreyas Narendra Desai ,  Subramanian Muralidhar ,  Bowen Zhang

IPC: G06F21/62 ,  G06F16/25 ,  G06F16/21

Abstract: Embodiments of the present disclosure provide techniques for defining database roles to allow sharing of the objects within a database in a more granular fashion. A set of database roles is created within a database container of a provider account, each database role comprising a separate object from any of a plurality of objects within the database container. A set of grants to a particular subset of the plurality of data objects of the database container is assigned to each of the set of database roles. A share object to which each of the set of database roles has been granted is mounted within a consumer account, thereby generating an imported database container having an imported copy of each of the set of database roles within the consumer account. Certain imported copies of the set of database roles are granted to account level roles of the consumer account.