公开(公告)号：US11436362B1

公开(公告)日：2022-09-06

申请号：US17535529

申请日：2021-11-24

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Jeremy Yujui Chen ,  Pui Kei Johnston Chu ,  Thierry Cruanes ,  Istvan Cseri ,  Benoit Dageville ,  Unmesh Jagtap ,  Subramanian Muralidhar

IPC: G06F21/62 ,  G06Q30/06 ,  G06F9/445

Abstract: Embodiments of the present disclosure enable users of a data sharing system to build native applications that can be shared with other users of the data sharing system. The native applications can be published and discovered in the data sharing system like any other data listing, and consumers can install them in their local data sharing system account to serve their data processing needs. A provider may define an installation script for installing an application and create a share object to which the installation script may be attached. In response to an imported database being created in a consumer account based on the share object, a native application framework may automatically execute the installation script in the consumer account and may create a set of database roles to manage execution of the application in the consumer account.

公开(公告)号：US20220256004A1

公开(公告)日：2022-08-11

申请号：US17661096

申请日：2022-04-28

Applicant: Snowflake Inc.

Inventor： Khalid Zaman Bijon ,  Damien Carru ,  Christopher Peter Child ,  Eric Karlson ,  Zheng Mi

IPC: H04L67/306 ,  G06F9/54 ,  H04L9/40 ,  G06F21/31 ,  H04L67/02 ,  H04L41/50 ,  H04L41/5041 ,  H04L67/10 ,  H04L67/1097

Abstract: Embodiments of the present disclosure may provide a streamlined process for performing operations, such as data sharing and data replication, using multiple accounts. A global identity (also referred to as an organization user) may be employed, where the global identity may have access to multiple accounts across the same or different deployments. The global identity may switch between accounts from its login session and perform various tasks in the context of different accounts without undergoing further authentication.

公开(公告)号：US11314875B1

公开(公告)日：2022-04-26

申请号：US17643642

申请日：2021-12-10

Applicant: Snowflake Inc.

Inventor： Suraj P. Acharya ,  Damien Carru ,  Vikas Jain ,  Zhen Mo ,  Frantisek Rolinek

IPC: G06F21/45 ,  G06F21/31 ,  G06F21/60 ,  G06F21/62 ,  G06F16/27

Abstract: A request to replicate a first account maintained by a data platform is received. Based on the request, account data associated with the account is accessed. The account data comprises security configurations for the first account. In response to the request, the first account is replicated using the account data. A second account results from replicating the first account. The replicating of the first account comprises automatically replicating the security configurations for the first account to the second account. The replicating of the security configurations comprises replicating an identity management configuration of the first account; replicating an authorization configuration of the first account; and replicating an authentication configuration of the first account.

公开(公告)号：US11270020B1

公开(公告)日：2022-03-08

申请号：US17487716

申请日：2021-09-28

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Thierry Cruanes ,  Subramanian Muralidhar ,  Nicola Dan Onose ,  Ryan Michael Thomas Shelly ,  Brian Smith ,  Jaeyun Noh

IPC: H04L29/06 ,  G06F21/62 ,  G06F16/248 ,  H04L9/32 ,  G06F16/245

Abstract: Techniques described herein can allow users to share cached results of an original query with other users while protecting sensitive information. The techniques described herein can check whether the other users have access to the underlying data queried before allowing those users to see the stored query results. That is, the system may perform privilege checks on the shared users before giving them access to the stored query results but without having to re-run the original query.

公开(公告)号：US20210365577A1

公开(公告)日：2021-11-25

申请号：US16883565

申请日：2020-05-26

Applicant: Snowflake Inc.

Inventor： Suraj Prakasha Acharya ,  Damien Carru

IPC: G06F21/62 ,  H04L29/06

Abstract: In an embodiment, an application-provisioning framework of a database platform receives a provisioning request from a requesting entity, requesting provisioning of an application for a customer account of the database platform. In response to receiving the provisioning request, the application-provisioning framework retrieves, from data storage, an application-provisioning blueprint document that lists one or more database objects. The application-provisioning framework provisions, according to the retrieved application-provisioning blueprint document, the one or more listed database objects in a database associated in the database platform with the customer account.

公开(公告)号：US10862873B1

公开(公告)日：2020-12-08

申请号：US16863191

申请日：2020-04-30

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Robert Bengt Benedikt Gernhardt ,  Martin Hentschel ,  Nithin Mahesh ,  Eric Robinson

IPC: H04L29/06 ,  G06F16/27 ,  H04L9/30

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

公开(公告)号：US12210492B2

公开(公告)日：2025-01-28

申请号：US18456644

申请日：2023-08-28

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Benoit Dageville ,  Subramanian Muralidhar ,  Eric Robinson ,  Sahaj Saini ,  David Schultz

IPC: G06F16/21 ,  G06F16/28 ,  G06F21/62

Abstract: Techniques for creating, sharing, and using bundles (also referred to as packages) in a multi-tenant database are described herein. A bundle is a schema object with associated hidden schemas. A bundle can be created by a provider user and can be shared with a plurality of consumer users. The bundle can be used to enable code sharing and distribution without losing control while maintaining security protocols.

公开(公告)号：US12153698B2

公开(公告)日：2024-11-26

申请号：US18104275

申请日：2023-01-31

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Jeremy Yujui Chen ,  Mohamad Raja Gani Mohamad Abdul ,  William A. Pugh

IPC: G06F21/62

Abstract: A data platform for developing and deploying a data application. The data platform receives from a first user the data application and provider granted privileges including a consumer usage privilege and a consumer access to data privilege. The data platform authorizes the second user to access the data platform based on one or more consumer account privileges included in a set of account privileges. The data platform authorizes the second user to execute the data application based on the consumer usage privilege. During execution, the data platform authorizes the data application to access the provider database object based on the consumer access to data privilege, and authorizes the data application to access the consumer database object based on a provider access to data privilege provided by the second user.

公开(公告)号：US20240281557A1

公开(公告)日：2024-08-22

申请号：US18652655

申请日：2024-05-01

Applicant: SNOWFLAKE INC.

Inventor： Damien Carru ,  Jeremy Yujui Chen ,  Pui Kei Johnston Chu ,  Thierry Cruanes ,  Istvan Cseri ,  Benoit Dageville ,  Unmesh Jagtap ,  Subramanian Muralidhar

IPC: G06F21/62 ,  G06F9/445 ,  G06Q30/06

CPC classification number: G06F21/6227 ,  G06F9/44505 ,  G06Q30/06 ,  G06F2221/2141

Abstract: Embodiments of the present disclosure related to sharing applications within a data sharing platform. An example method includes replicating a database from a provider account of a data sharing platform to a consumer account of the data sharing platform. The method further includes executing an installation script within the consumer account to install an application in the consumer account of the data sharing platform responsive to the replicating. The method further includes creating, by a processing device, a set of database roles to manage execution of the application in the consumer account, wherein one or more of the set of database roles determine access privileges granted to the application for accessing the database inside the consumer account. The application is to perform a data processing service relative to a data asset in the database.

公开(公告)号：US20240281245A1

公开(公告)日：2024-08-22

申请号：US18470585

申请日：2023-09-20

Applicant: Snowflake Inc.

Inventor： Damien Carru ,  Jeremy Yujui Chen ,  Pui Kei Johnston Chu ,  Benoit Dageville ,  Scott C. Gray ,  Unmesh Jagtap ,  Subramanian Muralidhar

IPC: G06F8/71 ,  G06F8/658 ,  G06F9/448

CPC classification number: G06F8/71 ,  G06F8/658 ,  G06F9/4488

Abstract: Methodologies for upgrading and patching an in-database application package and its application instances. A data platform determines a number of objects of an application instance running on the data platform at a previous version level of an application package of the application instance. In response to determining the number of objects of the application package running on the data platform at the previous version level of the application package is one or more, the data platform continues determining the number of objects running on the data platform at a previous version level of the application package. In response to determining the number of objects of the application instance running on the data platform at the previous version level of the application package is none, the data platform upgrades the application instance to the new version of the application package.