公开(公告)号：US11269885B2

公开(公告)日：2022-03-08

申请号：US16908006

申请日：2020-06-22

Applicant: salesforce.com, inc.

Inventor： Thomas Fanghaenel ,  Jameison Bear Martin ,  Nathaniel Wyatt ,  Diego Ongaro ,  Terry Chong

IPC: G06F12/0891 ,  G06F16/172 ,  G06F16/22 ,  G06F16/2455 ,  G06F16/84

Abstract: Techniques are disclosed relating to maintaining a cache usable to locate data stored in a data structure. A computer system, in various embodiments, maintains a data structure having a plurality of levels that store files for a database. The files may include one or more records that each have a key and corresponding data. The computer system may also maintain a cache for the database whose entries store, for a key, an indication of a location of a corresponding record in a file of the data structure. In some embodiments, the computer system receives a request to access a particular record stored in the data structure where the request specifies a key usable to locate the particular record. The computer system may retrieve, from the cache via the key, a particular indication of a location of the particular record and may use the particular indication to access the particular record.

公开(公告)号：US20210377020A1

公开(公告)日：2021-12-02

申请号：US16889285

申请日：2020-06-01

Applicant: salesforce.com, inc.

Inventor： Dhanashree Kashid ,  Raghavendran Hanumantharau ,  Terry Chong ,  Andrew Stewart Tucker ,  Vadiraj Govardhan Hosur

IPC: H04L9/08 ,  G06F21/60 ,  H04L9/14 ,  G06F21/62

Abstract: Disclosed techniques relate to storing a key cache within a secure enclave. In some embodiments, a computing system receives, from an application, a request to access a database, where the request is associated with a particular account. The computing system then accesses, using an identifier associated with the particular account, a key cache stored in a secure enclave of a memory of the computing system to determine at least one private key associated with the request, where the key cache stores private keys of a key management system (KMS) for a plurality of accounts. The computing system performs a cryptographic operation for accessing the database within the secure enclave using the at least one private key. In various embodiments, disclosed techniques may improve the security of cryptographic private keys cached for a plurality of tenants.

公开(公告)号：US20200250325A1

公开(公告)日：2020-08-06

申请号：US16263751

申请日：2019-01-31

Applicant: salesforce.com, inc.

Inventor： Terry Chong ,  Jameison Bear Martin ,  Thomas Fanghaenel ,  Andrew Tucker ,  Nathaniel Wyatt ,  Raghavendran Hanumantharau ,  Assaf Ben-Gur ,  William Charles Mortimore, JR.

IPC: G06F21/62 ,  G06F21/60 ,  H04L9/08 ,  G06F16/2455

Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.

公开(公告)号：US20200159628A1

公开(公告)日：2020-05-21

申请号：US16774244

申请日：2020-01-28

Applicant: salesforce.com, inc.

Inventor： Jameison Bear Martin ,  Nathaniel Wyatt ,  Patrick James Helland ,  Thomas Fanghaenel ,  Terry Chong ,  Subho Sanjay Chatterjee

IPC: G06F11/14 ,  G06F16/21

Abstract: Systems and methods are provided for performing a point-in-time restore of data of a first tenant of a multitenanted database system. Metadata can be located to identify an archival version of first data of the first tenant stored in immutable storage of the database system. The archival version includes a most recently committed version of each datum prior to a first point in time. By using the metadata, a restore reference set is mapped into a target database instance of the database system. The mapping can be performed when all existing data for a tenant is to be the archival version, and where versions of data and records committed after the point in time are not available to the target database instance.

公开(公告)号：US20180373604A1

公开(公告)日：2018-12-27

申请号：US15634796

申请日：2017-06-27

Applicant: salesforce.com, inc.

Inventor： Jameison Bear Martin ,  Nathaniel Wyatt ,  Patrick James Helland ,  Thomas Fanghaenel ,  Terry Chong ,  Subho Sanjay Chatterjee

IPC: G06F11/14

CPC classification number: G06F11/1469 ,  G06F11/1451 ,  G06F11/1471 ,  G06F11/1474 ,  G06F16/219 ,  G06F2201/80 ,  G06F2201/805 ,  G06F2201/82 ,  G06F2201/84

Abstract: Systems and methods are provided for performing a point-in-time restore of data of a first tenant of a multitenanted database system. Metadata can be located to identify an archival version of first data of the first tenant stored in immutable storage of the database system. The archival version includes a most recently committed version of each datum prior to a first point in time. By using the metadata, a restore reference set is mapped into a target database instance of the database system. The mapping can be performed when all existing data for a tenant is to be the archival version, and where versions of data and records committed after the point in time are not available to the target database instance.

公开(公告)号：US20180129585A1

公开(公告)日：2018-05-10

申请号：US15345914

申请日：2016-11-08

Applicant: salesforce.com, inc.

Inventor： Jameison Bear Martin ,  Subho Sanjay Chatterjee ,  Patrick James Helland ,  Nathaniel Wyatt ,  Thomas Fanghaenel ,  Terry Chong

IPC: G06F11/36 ,  G06F17/30

CPC classification number: G06F11/3664 ,  G06F11/3696 ,  G06F17/30289 ,  G06F17/30424

Abstract: Systems and methods are provided for creating a sandbox for an original tenant at a point in time, the original tenant having original tenant data stored in an immutable storage associated with an original tenant identifier, the original tenant data as of the sandbox creation point in time being a virtual snapshot of the original tenant data accessible by a sandbox tenant, where the sandbox tenant data can be changed without changing the original tenant data, and the original tenant data can be changed without changing the sandbox tenant data. A sandbox tenant is created by associating a sandbox tenant identifier with the virtual snapshot of the original tenant data and with sandbox tenant data created by the sandbox tenant subsequent to the sandbox creation point in time. Original tenant data is subsequently created and associated with the original tenant identifier, and is not accessible to the sandbox tenant.

公开(公告)号：US12001409B2

公开(公告)日：2024-06-04

申请号：US18145181

申请日：2022-12-22

Applicant: salesforce.com, inc.

Inventor： Rohit Agrawal ,  Aditya Shetty ,  Kaushal Mittal ,  Terry Chong ,  Thomas Fanghaenel ,  Vaibhav Arora

IPC: G06F16/22 ,  G06F16/21 ,  G06F21/62

CPC classification number: G06F16/214 ,  G06F16/2246 ,  G06F21/6227

Abstract: Techniques are disclosed relating to merge operations for multi-level data structures, such as log-structured merge-trees (LSM trees). A computer system may store, in a database, a plurality of files as part of an LSM tree and a plurality of database key structures. A given one of the plurality of database key structures may indicate, for a corresponding one of the plurality of files, a set of key ranges derived from database records that are included in the corresponding file. The computer system may determine, using ones of the plurality of database key structures, a key range overlap that is indicative of an extent of overlap of key ranges from a set of the plurality of files with respect to a particular key range. Based on the determined key range overlap, the computer system may assign a priority level to a merge operation that involves the set of files.

公开(公告)号：US11841967B2

公开(公告)日：2023-12-12

申请号：US17562387

申请日：2021-12-27

Applicant: salesforce.com, inc.

Inventor： Terry Chong ,  Jameison Bear Martin ,  Thomas Fanghaenel ,  Andrew Tucker ,  Nathaniel Wyatt ,  Raghavendran Hanumantharau ,  Assaf Ben Gur ,  William Charles Mortimore, Jr.

IPC: G06F21/62 ,  G06F16/2455 ,  G06F21/60 ,  H04L9/08

CPC classification number: G06F21/6218 ,  G06F16/24552 ,  G06F21/604 ,  H04L9/08

Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.

公开(公告)号：US11797498B2

公开(公告)日：2023-10-24

申请号：US16950086

申请日：2020-11-17

Applicant: salesforce.com, inc.

Inventor： Jameison Bear Martin ,  Nathaniel Wyatt ,  Gary J. Baker ,  Thomas Fanghaenel ,  Terry Chong

IPC: G06F16/21 ,  G06F16/22

CPC classification number: G06F16/214 ,  G06F16/2246 ,  G06F16/2282

Abstract: Systems and methods are provided for migrating a tenant of a database system from a source database instance to a destination database instance. The systems and methods include quiescing the tenant data of the tenant to be migrated from the source database instance to the destination database instance so that no new data is written to the storage of the database system associated with the tenant identifier at the source database instance, transmitting metadata of the tenant to be migrated from the source database instance to the destination database instance, and modifying, at the destination database instance, the metadata of the tenant so that the destination database instance has information to point to groupings of data in the storage for the destination database to access the tenant data.

公开(公告)号：US11775524B2

公开(公告)日：2023-10-03

申请号：US17653820

申请日：2022-03-07

Applicant: salesforce.com, inc.

Inventor： Thomas Fanghaenel ,  Jameison Bear Martin ,  Nathaniel Wyatt ,  Diego Ongaro ,  Terry Chong

IPC: G06F12/0891 ,  G06F16/172 ,  G06F16/22 ,  G06F16/2455 ,  G06F16/84

CPC classification number: G06F16/24552 ,  G06F12/0891 ,  G06F16/172 ,  G06F16/2246 ,  G06F16/86 ,  G06F2212/1024 ,  G06F2212/163 ,  G06F2212/608

Abstract: Techniques are disclosed relating to maintaining a cache usable to locate data stored in a data structure. A computer system, in various embodiments, maintains a data structure having a plurality of levels that store files for a database. The files may include one or more records that each have a key and corresponding data. The computer system may also maintain a cache for the database whose entries store, for a key, an indication of a location of a corresponding record in a file of the data structure. In some embodiments, the computer system receives a request to access a particular record stored in the data structure where the request specifies a key usable to locate the particular record. The computer system may retrieve, from the cache via the key, a particular indication of a location of the particular record and may use the particular indication to access the particular record.