公开(公告)号：US12013969B2

公开(公告)日：2024-06-18

申请号：US17160924

申请日：2021-01-28

Applicant: Snowflake Inc.

Inventor： Rachel Frances Blum ,  Joshua James Chacona ,  Christian Kleinerman ,  Justin Langseth ,  William L. Stratton, Jr.

IPC: G06F21/62 ,  G06F16/22 ,  G06F16/2455

CPC classification number: G06F21/6254 ,  G06F16/2282 ,  G06F16/2455 ,  G06F21/6263

Abstract: Embodiments of the present disclosure may provide a data clean room allowing secure data analysis across multiple accounts, without the use of third parties. Each account may be associated with a different company or party. The data clean room may provide security functions to safeguard sensitive information. For example, the data clean room may restrict access to data in other accounts. The data clean room may also restrict which data may be used in the analysis and may restrict the output. The overlap data may be anonymized to prevent sensitive information from being revealed.

公开(公告)号：US12013960B2

公开(公告)日：2024-06-18

申请号：US18343361

申请日：2023-06-28

Applicant: SNOWFLAKE INC.

Inventor： Benoit Dageville ,  Thierry Cruanes ,  Martin Hentschel ,  Peter Povinec

IPC: G06F21/62 ,  G06F16/25

CPC classification number: G06F21/6218 ,  G06F16/256 ,  G06F2221/2145

Abstract: A method of sharing data in a multi-tenant database includes inspecting, by a processing device of a multiple tenant database, a sharer account to determine an existence of a link between an alias object in a target account and a database, wherein the database is linked to a first role object included in a share object in the sharer account. The method includes granting a second role object, in the target account, access rights to the alias object, wherein the first role object having one or more grants to one or more resources of the sharer account, and wherein the target account accesses the one or more resources using the one or more grants of the share object and using the alias object without at least one of copying the one or more resources or transmitting the one or more resources.

公开(公告)号：US12007961B2

公开(公告)日：2024-06-11

申请号：US18345987

申请日：2023-06-30

Applicant: Snowflake Inc.

Inventor： Istvan Cseri ,  Benoit Dageville ,  Ganeshan Ramachandran Iyer ,  Yucan Liu ,  Jiaqi Yan

IPC: G06F16/00 ,  G06F16/21

CPC classification number: G06F16/211

Abstract: Techniques for schema mismatch detection and evolution are described. When data is being uploaded into a source table, schema of the data to be uploaded can be compared with the schema for the source table. If a schema mismatch is detected, the schema of the source table can be modified, and the upload can be continued without data loss.

公开(公告)号：US12001428B2

公开(公告)日：2024-06-04

申请号：US18047872

申请日：2022-10-19

Applicant: Snowflake Inc.

Inventor： Xinzhu Cai ,  Florian Andreas Funke

IPC: G06F16/24 ,  G06F16/22 ,  G06F16/2453

CPC classification number: G06F16/24537 ,  G06F16/2255

Abstract: Provided herein are systems and methods for handling build-side skew. For example, a method includes computing a plurality of hash values for a join operation. The join operation uses a corresponding plurality of row sets. The plurality of hash values are sampled to detect a frequent hash value. A build-side row set is partitioned using the frequent hash value to generate a partitioned build-side row set. The build-side row set is selected from the plurality of row sets. The partitioned build-side row set is distributed to a plurality of hash-join-build (HJB) instances executing at a corresponding plurality of servers.

公开(公告)号：US20240176711A1

公开(公告)日：2024-05-30

申请号：US18329348

申请日：2023-06-05

Applicant: Snowflake Inc.

Inventor： Loc Duc Bui ,  Hitesh Madan ,  Nithin Mahesh ,  Subramanian Muralidhar ,  Sahaj Saini ,  Di Wu

IPC: G06F11/20 ,  G06F16/25 ,  G06F16/27

CPC classification number: G06F11/203 ,  G06F16/256 ,  G06F16/27

Abstract: The subject technology determines a set of share objects in a replication group. The subject technology, for each object from the set of share objects, determines a set of permissions for a set of objects of databases that has been granted to each share object from the replication group. The subject technology, for each permission from the set of permissions, determines a set of dependencies, the set of dependencies comprising a second set of objects. The subject technology generates a graph structure based at least in part on the set of share objects, the set of permissions, and the set of dependencies. The subject technology traverses at least a portion of the graph structure to determine a final set of dependencies for replication. The subject technology performs a replication process based at least in part on the final set of dependencies.

公开(公告)号：US20240169077A1

公开(公告)日：2024-05-23

申请号：US18228546

申请日：2023-07-31

Applicant: Snowflake Inc.

Inventor： Vikas Jain ,  Eric Karlson ,  Sepideh Khoshnood

IPC: G06F21/60 ,  G06F21/62

CPC classification number: G06F21/604 ,  G06F21/6218

Abstract: Embodiments of the present disclosure provide systems and methods for using secure schemas to address inconsistencies between standard RBAC rules and the use of inherited grants. A secure schema may be defined that transfers ownership of an object created in the secure schema to a role that owns the secure schema. An inherited grant may be attached to the secure schema, where the inherited grant specifies a permission on a first type of object in the secure schema and a grant of the permission to the role that owns the secure schema. When objects are created in the secure schema, ownership of each of the set of objects is transferred to the role that owns the secure schema to authorize the role that owns the secure schema to manage grants to the set of objects on the secure schema.

公开(公告)号：US20240168946A1

公开(公告)日：2024-05-23

申请号：US18428371

申请日：2024-01-31

Applicant: Snowflake Inc.

Inventor： Raja Suresh Krishna Balakrishnan ,  Khalid Zaman Bijon ,  Subramanian Muralidhar ,  David Schultz ,  Jian Xu

IPC: G06F16/242 ,  G06F16/21 ,  G06F16/22 ,  G06F16/23 ,  G06F16/2453

CPC classification number: G06F16/2445 ,  G06F16/211 ,  G06F16/2291 ,  G06F16/2358 ,  G06F16/2365 ,  G06F16/2453

Abstract: Aspects of the present disclosure address systems, methods, and devices for tracking object dependencies in a cloud database system. An object dependency created between a referencing object and a referenced object is detected. Based on detecting the object dependency, a dependency record is generated. The dependency record includes dependency information describing the object dependency between the reference object and the referenced object. The dependency record is stored in a database of dependency records.

公开(公告)号：US20240160636A1

公开(公告)日：2024-05-16

申请号：US18419165

申请日：2024-01-22

Applicant: Snowflake Inc.

Inventor： Harsha S. Kapre ,  Mark T. Keller ,  Srinath Shankar ,  Kushan A. Zaveri

IPC: G06F16/2458 ,  G06F16/2453 ,  G06F16/2455 ,  G06F16/25

CPC classification number: G06F16/2471 ,  G06F16/24532 ,  G06F16/24561 ,  G06F16/256 ,  G06F16/258

Abstract: Techniques for fetching query result data using result batches includes retrieving query result information from a first computing node of a database system. The query result information includes result data associated with a multi-stage execution of a query. A plurality of result batches are generated based on the query result information. Each result batch of the plurality of result batches includes a retrieval function for a portion of the result data. The portion of the result data for each result batch of the plurality of result batches is retrieved based on execution of the retrieval function by at least a second computing node of the database system. The result data associated with the multi-stage execution of the query is output based on completion of the retrieval.

公开(公告)号：US11977560B2

公开(公告)日：2024-05-07

申请号：US17563418

申请日：2021-12-28

Applicant: Snowflake Inc.

Inventor： Benoit Dageville ,  Thierry Cruanes ,  Marcin Zukowski

IPC: G06F16/27 ,  A61F5/56 ,  G06F9/48 ,  G06F9/50 ,  G06F16/14 ,  G06F16/182 ,  G06F16/21 ,  G06F16/22 ,  G06F16/23 ,  G06F16/2453 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/25 ,  G06F16/28 ,  G06F16/951 ,  G06F16/9535 ,  G06F16/9538 ,  H04L67/1095 ,  H04L67/1097 ,  H04L67/568

CPC classification number: G06F16/273 ,  A61F5/566 ,  G06F9/4881 ,  G06F9/5016 ,  G06F9/5044 ,  G06F9/5083 ,  G06F9/5088 ,  G06F16/148 ,  G06F16/1827 ,  G06F16/211 ,  G06F16/221 ,  G06F16/2365 ,  G06F16/24532 ,  G06F16/24545 ,  G06F16/24552 ,  G06F16/2456 ,  G06F16/2471 ,  G06F16/254 ,  G06F16/27 ,  G06F16/283 ,  G06F16/951 ,  G06F16/9535 ,  G06F16/9538 ,  H04L67/1095 ,  H04L67/1097 ,  H04L67/568

Abstract: Example resource management systems and methods are described. In one implementation, a resource manager is to be coupled to one or more virtual data warehouse instances that each comprise a plurality of computing resources. A resource manager receives a query directed to database data. The resource manager determines a plurality of tasks associated with the query. The resource manager distributes the plurality of tasks among the one or more virtual data warehouse instances to cause each computing resource of the plurality of computing resources of the one or more virtual data warehouse instances to process a respective task of the plurality of tasks. The resource manager receives results obtained from the processing of the plurality of tasks. The resource manager uses the results to respond to the query.

公开(公告)号：US20240146716A1

公开(公告)日：2024-05-02

申请号：US18299455

申请日：2023-04-12

Applicant: Snowflake Inc.

Inventor： Alexander Hess ,  Joshua Vittum Makinen

IPC: H04L9/40 ,  H04L9/08

CPC classification number: H04L63/0823 ,  H04L9/0825 ,  H04L9/085

Abstract: A system and method of encrypting data using public key cryptography and certificate verification. The method includes receiving a request for a digital certificate. The method includes signing, by a processing device, the request using a second private key to generate a signed request. The method includes generating the digital certificate based on the signed request and a different private key. The method includes causing the digital certificate to be stored in a shared data storage available to a first client device. The method includes signing an encrypted secret using a first private key associated with the first client device to generate a signed encrypted secret, wherein the first private key is inaccessible to the first client device.