公开(公告)号：US11290433B2

公开(公告)日：2022-03-29

申请号：US17219700

申请日：2021-03-31

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  H04L9/08 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

公开(公告)号：US20220019600A1

公开(公告)日：2022-01-20

申请号：US17491392

申请日：2021-09-30

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Eric Robinson ,  Martin Hentschel

IPC: G06F16/27 ,  G06F16/245

Abstract: Replication and failover of database data is disclosed. A method includes replicating database data stored in a primary deployment such that the database data is further stored in a secondary deployment. The method includes executing one or more updates to the database data at the secondary deployment when the primary deployment is unavailable and propagating the one or more updates to the primary deployment when the primary deployment becomes available again. The method includes executing queries on the database data at the primary deployment when the primary deployment is available.

公开(公告)号：US20210374158A1

公开(公告)日：2021-12-02

申请号：US17226141

申请日：2021-04-09

Applicant: Snowflake Inc.

Inventor： Pui Kei Johnston Chu ,  Shreyas Narendra Desai ,  German Alberto Gil Echeverri ,  Prasanna Krishnan ,  Nithin Mahesh ,  Subramanian Muralidhar ,  Eric Robinson ,  Sahaj Saini

IPC: G06F16/27 ,  G06F16/22 ,  G06Q30/00 ,  G06Q30/02 ,  G06F16/23

Abstract: A method of implementing sub-table replication starts with the processor detecting a first update to an entitlements table. The processor filters of a data table based on the first update. The processor then detects a second update to the entitlements table and performs incremental replication of the data table by causing a full inventory replication at a next refresh to be executed for provider accounts associated with the provider account identifiers in the entitlements table. Other embodiments are also described herein.

公开(公告)号：US11134061B1

公开(公告)日：2021-09-28

申请号：US17219716

申请日：2021-03-31

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L29/06 ,  G06F16/27

Abstract: A network device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences messages, such as replication data, over a channel comprising a plurality of private network nodes. The messages can be generated and encrypted using one or more key pairs and changing wrapping replication keys to send and receive the messages between different types of database deployments.

公开(公告)号：US10855660B1

公开(公告)日：2020-12-01

申请号：US16862996

申请日：2020-04-30

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L29/06 ,  G06F16/27

Abstract: A network device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences messages, such as replication data, over a channel comprising a plurality of private network nodes. The messages can be generated and encrypted using one or more key pairs and changing wrapping replication keys to send and receive the messages between different types of database deployments.

公开(公告)号：US20240289333A1

公开(公告)日：2024-08-29

申请号：US18656126

申请日：2024-05-06

Applicant: Snowflake Inc.

Inventor： Lin Chan ,  Tianyi Chen ,  Benoit Dageville ,  Yiming Kang ,  Jun Luo ,  Nithin Mahesh ,  Eric Robinson ,  Brian Smith

IPC: G06F16/2453 ,  G06F7/14 ,  G06F16/22 ,  G06F16/23 ,  G06F21/62

CPC classification number: G06F16/24549 ,  G06F7/14 ,  G06F16/2228 ,  G06F16/2379 ,  G06F21/6218 ,  G06F21/6227

Abstract: As described herein, a N-Gram index may be created and the search may be conducted using the index, which will lead to faster search results. The N-Gram index may also include partial N-Gram components to capture more relevant data. Moreover, as described herein, the search may also take into account recent log data that has not yet been indexed. Techniques for building an index store using log data and efficiently searching the index store and log data to process search requests are described herein.

公开(公告)号：US20240195785A1

公开(公告)日：2024-06-13

申请号：US18582313

申请日：2024-02-20

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L9/40 ,  G06F16/27

CPC classification number: H04L63/0272 ,  G06F16/27 ,  H04L63/0281 ,  H04L63/0435

Abstract: A method includes encoding, by at least one hardware processor, database data in a first portion of a first data file of a plurality of data files. The encoding of the database data is based on a first encryption key. The method further includes encoding the first encryption key in a second portion of the first data file. The encoding of the first encryption key is based on a second encryption key associated with a second data file of the plurality of data files. The method further includes causing transmission of the plurality of data files from a first database deployment to a second database deployment.

公开(公告)号：US11943203B2

公开(公告)日：2024-03-26

申请号：US18055493

申请日：2022-11-15

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Eric Robinson ,  Rodney Weaver

IPC: H04L9/40 ,  G06F16/27

CPC classification number: H04L63/0272 ,  G06F16/27 ,  H04L63/0281 ,  H04L63/0435

Abstract: A method includes selecting, by at least one hardware processor of a first database deployment, data for transmission to a second database deployment. The data includes a plurality of files forming a data stream. At least a first file of the plurality of files is encoded using a first encryption key which is stored in at least a second file of the plurality of files. The at least a first file is further encoded to include a second encryption key associated with at least a third file of the plurality of files. A set of nodes is identified in a virtual private network connected to the first and second database deployments. The data stream is transmitted from the first database deployment to the second database deployment via the set of nodes of the virtual private network that is connected to the first database deployment and the second database deployment.

公开(公告)号：US20230273905A1

公开(公告)日：2023-08-31

申请号：US18068998

申请日：2022-12-20

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Benoit Dageville ,  Subramanian Muralidhar ,  Eric Robinson ,  Sahaj Saini ,  David Schultz

IPC: G06F16/21 ,  G06F16/28 ,  G06F21/62

CPC classification number: G06F16/212 ,  G06F16/285 ,  G06F21/6245

Abstract: Techniques for creating, sharing, and using bundles (also referred to as packages) in a multi-tenant database are described herein. A bundle is a schema object with associated hidden schemas. A bundle can be created by a provider user and can be shared with a plurality of consumer users. The bundle can be used to enable code sharing and distribution without losing control while maintaining security protocols.

公开(公告)号：US11736438B2

公开(公告)日：2023-08-22

申请号：US17156072

申请日：2021-01-22

Applicant: Snowflake Inc.

Inventor： Robert Bengt Benedikt Gernhardt ,  Mikhail Kazhamiaka ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  H04L9/40

CPC classification number: H04L63/0218 ,  H04L63/0236 ,  H04L63/0245

Abstract: Different database deployments, or other data system deployments, may want to communicate with each other without sacrificing security or control. To this end, embodiments of the present disclosure may provide secure message exchange techniques for a source and/or target deployment. Configurable rule sets may be stored in the deployments; the rule sets may define what messages may be communicated between deployments. The deployments may implement a selective filtering scheme in one or more stages based on the rule sets to filter outgoing and/or incoming messages.