Distributed secret storage and authorization

    Publication No.: US11870895B1

    Publication date: 2024-01-09

    Application No.: US18320152

    Application date: 2023-05-18

    Applicant: Snowflake Inc.

    CPC classification number: H04L9/0861 H04L9/0819 H04L9/0894

    Abstract: A data platform provides for encryption of secrets. During operation, an application of the data platform receives a secret and communicates the secret to an encryption client of the data platform. The encryption client generates an encrypted secret using a Data Encryption Key (DEK) and the secret. The encryption client communicates the DEK to an encryption server of the data platform while retaining the encrypted secret. The encryption server generates an encrypted DEK using a Transit Encryption Key (TEK). The encryption server communicates the encrypted DEK to the encryption client and the encryption client generates a binary large object (blob) using the retained encrypted secret and the encrypted DEK. The application stores the blob on a data storage device.

    DISTRIBUTED SECRET MANAGEMENT
    2.
    Invention application

    Publication No.: US20240388426A1

    Publication date: 2024-11-21

    Application No.: US18520869

    Application date: 2023-11-28

    Applicant: Snowflake Inc.

    Abstract: A data platform provides for encryption of secrets. During operation, an application of the data platform receives a secret and communicates the secret to an encryption client of the data platform. The encryption client generates an encrypted secret using a Data Encryption Key (DEK) and the secret. The encryption client communicates the DEK to an encryption server of the data platform while retaining the encrypted secret. The encryption server generates an encrypted DEK using a Transit Encryption Key (TEK). The encryption server communicates the encrypted DEK to the encryption client and the encryption client generates a binary large object (blob) using the retained encrypted secret and the encrypted DEK. The application stores the blob on a data storage device.
