公开(公告)号：US11494500B1

公开(公告)日：2022-11-08

申请号：US17655887

申请日：2022-03-22

Applicant: Snowflake Inc.

Inventor： Suraj P. Acharya ,  Damien Carru ,  Vikas Jain ,  Zhen Mo ,  Frantisek Rolinek

IPC: G06F21/00 ,  G06F21/60 ,  G06F16/27 ,  G06F21/62

Abstract: A request to replicate a first account maintained by a data platform is received. Based on the request, account data associated with the account is accessed. The account data comprises security configurations for the first account. In response to the request, the first account is replicated using the account data. A second account results from replicating the first account. The replicating of the first account comprises automatically replicating the security configurations for the first account to the second account. The replicating of the security configurations comprises replicating an identity management configuration of the first account; replicating an authorization configuration of the first account; and replicating an authentication configuration of the first account.

公开(公告)号：US20220217125A1

公开(公告)日：2022-07-07

申请号：US17656620

申请日：2022-03-25

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L9/40 ,  H04L9/08 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

公开(公告)号：US11290433B2

公开(公告)日：2022-03-29

申请号：US17219700

申请日：2021-03-31

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  H04L9/08 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

公开(公告)号：US20250141860A1

公开(公告)日：2025-05-01

申请号：US18616891

申请日：2024-03-26

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Thierry Cruanes ,  Jiaqi Yan

IPC: H04L9/40

Abstract: Techniques for sharing query results in a multi-tenant database system are described. The query results can be shared between users of the same account or organization in the multi-tenant network-based database system using security tokens. A first user executes a query, and the results are stored in the network-based database system. The first user can invoke a function to create a security token to provide access to the stored query results to other users in the same account. The first user can share the security token with the other users, who can directly access the stored results in the network-based database system instead of having to download local copies of the query results.

公开(公告)号：US12250249B2

公开(公告)日：2025-03-11

申请号：US18604252

申请日：2024-03-13

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Pui Kei Johnston Chu ,  Unmesh Jagtap ,  Xiaodi Ke ,  Subramanian Muralidhar ,  James Pan

IPC: H04L9/40 ,  G06F11/07 ,  G06F16/23 ,  H04L67/125 ,  H04L67/30

Abstract: Embodiments of the present disclosure provide a region-specific events account that is used as a central place to store the events shared by consumers of shared applications in that region. For each of a set of provider accounts in a first region, a global account object corresponding to the provider account is replicated to a second region to establish a replicated global account object in the second region. An account data persistence object (DPO) of a first provider account of the set of provider accounts is modified to designate the first provider account as an events account. The events account is a central location within the second region where execution information generated by execution of applications shared with consumer accounts in the second region is stored. The replicated global account object corresponding to the first provider account is updated to designate the first provider account as the events account.

公开(公告)号：US20250023879A1

公开(公告)日：2025-01-16

申请号：US18409507

申请日：2024-01-10

Applicant: Snowflake Inc.

Inventor： Christine A. Avanessians ,  Damien Carru ,  Ramachandran Natarajan Iyer ,  Dennis Edgar Lynch ,  Subramanian Muralidhar

IPC: H04L9/40

Abstract: Systems and methods for an organization-level account for an organization on a data platform, users of which can possess administrative or management privileges with respect to the organization and across one or more others accounts of the organization.

公开(公告)号：US20240419829A1

公开(公告)日：2024-12-19

申请号：US18506343

申请日：2023-11-10

Applicant: Snowflake Inc.

Inventor： Christine A. Avanessians ,  Damien Carru ,  Ramachandran Natarajan Iyer ,  Eric Karlson ,  Dennis Edgar Lynch

IPC: G06F21/62 ,  G06F21/31

Abstract: Provided herein are systems and methods for global data objects on a data platform where the global data objects are accessible at an organization level. In particular, an organization-level global data object provided by various embodiments can be used as a generic organization object that is owned by a specific organization, and can be managed (e.g., created, deleted, or modified) by use of a leader-based model.

公开(公告)号：US12120189B2

公开(公告)日：2024-10-15

申请号：US18497720

申请日：2023-10-30

Applicant: Snowflake Inc.

Inventor： Khalid Zaman Bijon ,  Damien Carru ,  Christopher Peter Child ,  Eric Karlson ,  Zheng Mi

IPC: H04L67/306 ,  G06F9/54 ,  G06F21/31 ,  H04L9/40 ,  H04L41/50 ,  H04L41/5041 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1097 ,  H04L67/59 ,  H04L67/60

CPC classification number: H04L67/306 ,  G06F9/547 ,  G06F21/31 ,  H04L41/50 ,  H04L41/5041 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/102 ,  H04L63/20 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1097 ,  H04L67/59 ,  H04L67/60

Abstract: Embodiments of the present disclosure may provide a streamlined process for performing operations, such as data sharing and data replication, using multiple accounts. A global identity (also referred to as an organization user) may be employed, where the global identity may have access to multiple accounts across the same or different deployments. The global identity may switch between accounts from its login session and perform various tasks in the context of different accounts without undergoing further authentication.

公开(公告)号：US20240333718A1

公开(公告)日：2024-10-03

申请号：US18604252

申请日：2024-03-13

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Pui Kei Johnston Chu ,  Unmesh Jagtap ,  Xiaodi Ke ,  Subramanian Muralidhar ,  James Pan

IPC: H04L9/40 ,  G06F11/07 ,  G06F16/23 ,  H04L67/125 ,  H04L67/30

CPC classification number: H04L63/102 ,  G06F11/079 ,  G06F16/235 ,  H04L67/125 ,  H04L67/30

Abstract: Embodiments of the present disclosure provide a region-specific events account that is used as a central place to store the events shared by consumers of shared applications in that region. For each of a set of provider accounts in a first region, a global account object corresponding to the provider account is replicated to a second region to establish a replicated global account object in the second region. An account data persistence object (DPO) of a first provider account of the set of provider accounts is modified to designate the first provider account as an events account. The events account is a central location within the second region where execution information generated by execution of applications shared with consumer accounts in the second region is stored. The replicated global account object corresponding to the first provider account is updated to designate the first provider account as the events account.

公开(公告)号：US12032947B1

公开(公告)日：2024-07-09

申请号：US18354003

申请日：2023-07-18

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Benoit Dageville ,  Unmesh Jagtap ,  Subramanian Muralidhar ,  Jan Michael Timmerman

IPC: G06F8/65 ,  G06F16/21

CPC classification number: G06F8/65 ,  G06F16/219

Abstract: A versioned schema of a data platform. A process of maintaining a call stack of executing objects of an application package having a versioned schema includes calling, by a first procedure executed by one or more processors, a second procedure of a versioned application instance, and determining, by the first procedure, a version of the second procedure based on a call context. In response to determining that the version of the second procedure is not in the call context, the first procedure determines a current version of the versioned application package adds the current version to the call context as the version of the second procedure.