ENCRYPTING DATABASE FILES
    Invention patent application

    Publication number: US20220083684A1

    Publication date: 2022-03-17

    Application number: US17537312

    Application date: 2021-11-29

    Applicant: Snowflake Inc.

    Abstract: A method for encrypting database files includes generating a mapping for a plurality of encrypted files. A first encrypted file of the plurality of encrypted files is encrypted with a first encryption key. The method includes generating a second encrypted file by re-encrypting, for a period of time, data in the first encrypted file using a second encryption key. The first encrypted file remains accessible to one or more queries during the period of time. The method includes updating the mapping to associate the second encrypted file with the first encrypted file. The mapping is updated after the second encrypted file has been generated. The method includes preventing a query from accessing the first encrypted file after the second encrypted file has been generated.

    DATA SHARING USING SECURE VIEWS
    Invention patent application

    Publication number: US20210286892A1

    Publication date: 2021-09-16

    Application number: US17332793

    Application date: 2021-05-27

    Applicant: Snowflake Inc.

    Abstract: Systems, methods, and devices for secure view-based data sharing are disclosed. A method in accordance with embodiments disclosed herein comprises associating, by one or more processors, view privileges of a secure view with one or more of a plurality of underlying details of a share object of a first account such that each of the one or more underlying details of the share object comprises a definition of the secure view. The method further comprises: in response to receiving a request from a second account to access any underlying details of the share object, using a secure projection that does not match any rewrite rule preconditions to rewrite a query plan of the request to prevent expressions that do not originate from the secure view from being pushed down below a boundary of the secure view.

    Caching metadata for a database table

    Publication number: US11080270B2

    Publication date: 2021-08-03

    Application number: US17086253

    Application date: 2020-10-30

    Applicant: Snowflake Inc.

    Abstract: The subject technology caches, in connection with processing a first query, one or more table-metadata files in at least one of a current version set of one or more table-metadata files and a new version set of one or more table-metadata files, the new version set of one or more table-metadata files comprising table metadata for a new version of a database table. The subject technology receives a subsequent query directed to the database table. The subject technology downloads, in connection with processing the subsequent query, at least one uncached table-metadata file in a scan set of table-metadata files for the subsequent query. The subject technology processes the subsequent query using the at least one uncached table-metadata file.

    Secure data sharing in a multi-tenant database system

    Publication number: US11048815B2

    Publication date: 2021-06-29

    Application number: US16055824

    Application date: 2018-08-06

    Applicant: Snowflake Inc.

    Abstract: Systems, methods, and devices for implementing secure views for zero-copy data sharing in a multi-tenant database system are disclosed. A method includes generating a share object in a first account comprising a share role. The method includes associating view privileges for the share object such that an underlying detail of the share object comprises a secure view definition. The method includes granting, to a second account, cross-account access rights to the share role or share object in the first account. The method includes receiving a request from the second account to access data or services of the first account and providing a response to the second account based on the data or services of the first account. The method is such that the underlying detail of the share object that comprises the secure view definition is hidden from the second account and visible to the first account.

    Systems, methods, and devices for encrypting database data

    Publication number: US10977383B2

    Publication date: 2021-04-13

    Application number: US15286112

    Application date: 2016-10-05

    Applicant: Snowflake Inc.

    Abstract: A method for encrypting database data includes generating an encryption key for a first file stored in a data store, wherein a table in a database comprises an entry pointing to the first file. The method includes generating a second file by encrypting the data in the first file in the data store using the encryption key without modifying the first file. The method includes, in response to generating the second file, modifying the entry in the table to point to the second file, wherein the modification of the entry is performed atomically. A process for rekeying from the first file to the second file may happen in the background without blocking, interfering, or otherwise obstructing user interaction with a database system.

    Storing multi-level metadata in database systems

    Publication number: US10909121B2

    Publication date: 2021-02-02

    Application number: US16863831

    Application date: 2020-04-30

    Applicant: Snowflake Inc.

    Abstract: The subject technology receives first metadata corresponding to a set of micro-partitions. The subject technology generates second metadata for a grouping of the first metadata. The subject technology generates a first data structure including the first metadata and a second data structure including the second metadata, the second data structure including information associating the second metadata to the first metadata. The subject technology stores the first data structure and the second data structure in persistent storage as a first file and a second file. The subject technology receives a query on a table. Further, the subject technology analyzes the query against cumulative table metadata to determine whether data stored in the table matches the query.

    Message-based database replication
    Granted invention patent

    Publication number: US10862873B1

    Publication date: 2020-12-08

    Application number: US16863191

    Application date: 2020-04-30

    Applicant: Snowflake Inc.

    Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

    Database metadata in immutable storage

    Publication number: US10860573B2

    Publication date: 2020-12-08

    Application number: US16838301

    Application date: 2020-04-02

    Applicant: Snowflake Inc.

    Abstract: A method for a database system includes storing table data for a database, the table data including information in rows and columns of one or more database tables. The method includes storing metadata on immutable storage, the metadata including information about the table data for the database. In one embodiment, mutable metadata may be periodically consolidated in the background to create new versions of metadata files and which allows for deletions of old metadata files and old data files.

    Multi-level metadata in database systems

    Publication number: US10810232B2

    Publication date: 2020-10-20

    Application number: US16775092

    Application date: 2020-01-28

    Applicant: Snowflake Inc.

    Abstract: Systems, methods, and devices for multiple level metadata organization in database systems. A system includes a plurality of shared storage devices collectively storing database data across a plurality of tables that each comprise one or more micro-partitions including immutable storage devices. The system includes a resource manager configured to manage the storage of database data stored in a table across one or more of the plurality of shared storage devices. The resource manager is configured to manage the storage of metadata for the table. The metadata includes a column expression property with information about data stored in a column, a micro-partition expression property with information about data stored in a micro-partition, a grouping expression property with information about data stored in two or more micro-partitions, and cumulative table metadata with global information about all micro-partitions of the table.

    Secure Data Sharing In A Multi-Tenant Database System

    Publication number: US20200042734A1

    Publication date: 2020-02-06

    Application number: US16241463

    Application date: 2019-01-07

    Applicant: Snowflake Inc.

    Abstract: Systems, methods, and devices for implementing secure views for zero-copy data sharing in a multi-tenant database system are disclosed. A method includes generating a share object in a first account comprising a share role. The method includes associating view privileges for the share object such that an underlying detail of the share object comprises a secure user-defined function definition. The method includes granting, to a second account, cross-account access rights to the share role or share object in the first account. The method includes receiving a request from the second account to access data or services of the first account and providing a response to the second account based on the data or services of the first account. The method is such that the underlying detail of the share object that comprises the secure user-defined function definition is hidden from the second account and visible to the first account.
