公开(公告)号：US20240378305A1

公开(公告)日：2024-11-14

申请号：US18316787

申请日：2023-05-12

Applicant: Snowflake Inc.

Inventor： Suraj P. Acharya ,  Jennifer Wenjun Bi ,  Khalid Zaman Bijon ,  Damien Carru ,  Lin Chan ,  Tianyi Chen ,  Jeremy Yujui Chen ,  Thierry Cruanes ,  Benoit Dageville ,  Simon Holm Jensen ,  Boxin Jiang ,  Dmitry A. Lychagin ,  Subramanian Muralidhar ,  Shuaishuai Nie ,  Eric Robinson ,  Sahaj Saini ,  David Schultz ,  Kevin Wang ,  Wenqi Wei ,  Zixi Zhang ,  Xingzhe Zhou

IPC: G06F21/62 ,  G06F21/60

Abstract: Systems and methods for generating object references with selectable scopes are provided. The systems and methods perform operations including calling, by a first entity, a reference generator function using one or more arguments associated with a database object that the first entity is authorized to access according to a first set of access privileges, the one or more arguments comprising a scope definition that defines persistence of a reference. The operations include obtaining, from the reference generator function, a reference to the database object, the reference persisting according to the scope definition. The operations include passing the reference to a second entity to enable the second entity to perform one or more database operations on the database object according to a second set of access privileges derived from the first set of access privileges.

公开(公告)号：US20240168946A1

公开(公告)日：2024-05-23

申请号：US18428371

申请日：2024-01-31

Applicant: Snowflake Inc.

Inventor： Raja Suresh Krishna Balakrishnan ,  Khalid Zaman Bijon ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F16/242 ,  G06F16/21 ,  G06F16/22 ,  G06F16/23 ,  G06F16/2453

CPC classification number: G06F16/2445 ,  G06F16/211 ,  G06F16/2291 ,  G06F16/2358 ,  G06F16/2365 ,  G06F16/2453

Abstract: Aspects of the present disclosure address systems, methods, and devices for tracking object dependencies in a cloud database system. An object dependency created between a referencing object and a referenced object is detected. Based on detecting the object dependency, a dependency record is generated. The dependency record includes dependency information describing the object dependency between the reference object and the referenced object. The dependency record is stored in a database of dependency records.

公开(公告)号：US11928157B2

公开(公告)日：2024-03-12

申请号：US17934814

申请日：2022-09-23

Applicant: Snowflake Inc.

Inventor： Khalid Zaman Bijon ,  Thierry Cruanes ,  Simon Holm Jensen ,  Allison Waingold Lee ,  Daniel N. Meredith ,  Subramanian Muralidhar ,  David Schultz ,  Zixi Zhang

IPC: G06F16/903

CPC classification number: G06F16/90335

Abstract: A constraint system enforces projection constraints on data values stored in specified columns of a shared dataset when queries are received by a database system. A projection constraint identifies that the data in a column may be restricted from being projected (e.g., presented, read, outputted) in an output to a received query, while allowing specified operations to be performed on the data and a corresponding output to be provided. For example, the projection constraint may indicate a context for a query that triggers the constraint, such as based on the user that submitted the query. Enforcing projection constraints on queries received at the database system allows for data to be shared and used anonymously by entities to perform various operations without the need to tokenize the data.

公开(公告)号：US11928108B2

公开(公告)日：2024-03-12

申请号：US18181423

申请日：2023-03-09

Applicant: Snowflake Inc.

Inventor： Raja Suresh Krishna Balakrishnan ,  Khalid Zaman Bijon ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F16/242 ,  G06F16/21 ,  G06F16/22 ,  G06F16/23 ,  G06F16/2453

CPC classification number: G06F16/2445 ,  G06F16/211 ,  G06F16/2291 ,  G06F16/2358 ,  G06F16/2365 ,  G06F16/2453

Abstract: Aspects of the present disclosure address systems, methods, and devices for tracking object dependencies in a cloud database system. An object dependency created between a referencing object and a referenced object is detected. Based on detecting the object dependency, a dependency record is generated. The dependency record includes dependency information describing the object dependency between the reference object and the referenced object. The dependency record is stored in a database of dependency records.

公开(公告)号：US11727139B2

公开(公告)日：2023-08-15

申请号：US17936681

申请日：2022-09-29

Applicant: Snowflake Inc.

Inventor： Artin Avanes ,  Khalid Zaman Bijon ,  Zheng Mi ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F21/62 ,  G06F21/60 ,  G06F16/22

CPC classification number: G06F21/6227 ,  G06F16/2282 ,  G06F21/604 ,  G06F21/62 ,  G06F21/6218 ,  G06F2221/2141

Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.

公开(公告)号：US20230214383A1

公开(公告)日：2023-07-06

申请号：US18181423

申请日：2023-03-09

Applicant: Snowflake Inc.

Inventor： Raja Suresh Krishna Balakrishnan ,  Khalid Zaman Bijon ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F16/23

CPC classification number: G06F16/2365 ,  G06F16/2358

Abstract: Aspects of the present disclosure address systems, methods, and devices for tracking object dependencies in a cloud database system. An object dependency created between a referencing object and a referenced object is detected. Based on detecting the object dependency, a dependency record is generated. The dependency record includes dependency information describing the object dependency between the reference object and the referenced object. The dependency record is stored in a database of dependency records.

公开(公告)号：US11645275B2

公开(公告)日：2023-05-09

申请号：US17659797

申请日：2022-04-19

Applicant: Snowflake Inc.

Inventor： Raja Suresh Krishna Balakrishnan ,  Khalid Zaman Bijon ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F16/242 ,  G06F16/23 ,  G06F16/2453 ,  G06F16/21 ,  G06F16/22

CPC classification number: G06F16/2445 ,  G06F16/211 ,  G06F16/2291 ,  G06F16/2358 ,  G06F16/2453

Abstract: Aspects of the present disclosure address systems, methods, and devices for tracking object dependencies in a cloud database system. An object dependency created between a referencing object and a referenced object is detected. Based on detecting the object dependency, a dependency record is generated. The dependency record includes dependency information describing the object dependency between the reference object and the referenced object. The dependency record is stored in a database of dependency records.

公开(公告)号：US20230102349A1

公开(公告)日：2023-03-30

申请号：US18062656

申请日：2022-12-07

Applicant: Snowflake Inc.

Inventor： Artin Avanes ,  Khalid Zaman Bijon ,  Damien Carru ,  Thierry Cruanes ,  Vikas Jain ,  Zheng Mi ,  Subramanian Muralidhar

IPC: G06F21/62 ,  G06F16/22 ,  G06F16/27 ,  G06F16/25 ,  G06F16/248

Abstract: A shared database platform implements dynamic masking on data shared between users where specific data is masked, transformed, or otherwise modified based on preconfigured functions that are associated with user roles. The shared database platform can implement the masking at runtime dynamically in response to users requesting access to a database object that is associated with one or more masking policies.

公开(公告)号：US20230022027A1

公开(公告)日：2023-01-26

申请号：US17936681

申请日：2022-09-29

Applicant: Snowflake Inc.

Inventor： Artin Avanes ,  Khalid Zaman Bijon ,  Zheng Mi ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F21/62 ,  G06F21/60 ,  G06F16/22

Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.

公开(公告)号：US11544399B2

公开(公告)日：2023-01-03

申请号：US17657578

申请日：2022-03-31

Applicant: Snowflake Inc.

Inventor： Artin Avanes ,  Khalid Zaman Bijon ,  Peter Povinec

IPC: G06F16/00 ,  G06F21/62 ,  G06F16/27

Abstract: Using container-centric managed access, an administrator is enabled to define a set of future grants for each object that will be created in the future in a container managed by the administrator. When a user creates a database object, the system checks the future grants to determine if any apply to the user, the database object, or the combination. Any applicable future grants are applied to the database object before the user is allowed to modify it. As a result, the administrator is enabled to control the privileges associated with the database object even before the database object is created, while restricting individual object owners from managing privileges on their owned objects.