公开(公告)号：US11736483B2

公开(公告)日：2023-08-22

申请号：US18050909

申请日：2022-10-28

Applicant: Snowflake Inc.

Inventor： Derek Denny-Brown ,  Tyler Jones ,  Isaac Kunen

IPC: H04L9/40 ,  G06F21/31

CPC classification number: H04L63/0884 ,  G06F21/31 ,  H04L63/083 ,  H04L63/10

Abstract: A credentials store definition identifying a remote credential store is received. The credential store definition includes access information to enable access to the remote credentials store. A credentials object is created in an internal database based on a credentials object definition. The credentials object identifies a security credential to retrieve from the remote credentials store to access an external resource. At runtime, a request to access the external resource is received, and based on receiving the request, the security credentials identified by the credentials object are retrieved from the remote credential store using the access information. The retrieved security credential is provided to a processing component to access the external resource.

公开(公告)号：US20230076680A1

公开(公告)日：2023-03-09

申请号：US18050909

申请日：2022-10-28

Applicant: Snowflake Inc.

Inventor： Derek Denny-Brown ,  Tyler Jones ,  Isaac Kunen

IPC: H04L9/40 ,  G06F21/31

Abstract: A credentials store definition identifying a remote credential store is received. The credential store definition includes access information to enable access to the remote credentials store. A credentials object is created in an internal database based on a credentials object definition. The credentials object identifies a security credential to retrieve from the remote credentials store to access an external resource. At runtime, a request to access the external resource is received, and based on receiving the request, the security credentials identified by the credentials object are retrieved from the remote credential store using the access information. The retrieved security credential is provided to a processing component to access the external resource.

公开(公告)号：US20220413816A1

公开(公告)日：2022-12-29

申请号：US17823621

申请日：2022-08-31

Applicant: Snowflake Inc.

Inventor： Elliott Brossard ,  Siddharth Kulkarni ,  Isaac Kunen

IPC: G06F8/41 ,  G06F9/54 ,  G06F21/60

Abstract: Embodiments described herein provide techniques for in-line compiling of UDFs in other programming languages. These techniques enable faster programming iterations because it allows users to compile directly in the cloud processing system. Moreover, it allows the UDFs to tie into existing libraries. The compiled results are treated as sensitive and handled with appropriate security policies, as with any other user data in the system.

公开(公告)号：US11423081B1

公开(公告)日：2022-08-23

申请号：US17390969

申请日：2021-08-01

Applicant: Snowflake Inc.

Inventor： Elliott Brossard ,  Sukruth Komarla Sukumar ,  Isaac Kunen ,  Ju-Yi Kuo ,  Jonathan Leang ,  Edward Ma ,  Schuyler James Manchester ,  Polita Paulus ,  Saurin Shah ,  Igor Zinkovsky

IPC: G06F16/00 ,  G06F16/901 ,  G06F16/955 ,  G06F16/2455 ,  G06F16/22 ,  G06F16/908

Abstract: A file access system for user defined functions (UDFs) can be implemented on a distributed database system. The system can store UDF signatures and interfaces (e.g., classes, sub-classes) that can be called by other users. Upon a UDF being called, one or more interface objects (e.g., InputStream) can be created and requests transferred to a execution node via a network channel. The execution node can implement multiple threads that are authorized and download file data from a staging location (e.g., internal stage, external stage) concurrently.

公开(公告)号：US20220237231A1

公开(公告)日：2022-07-28

申请号：US17657548

申请日：2022-03-31

Applicant: Snowflake Inc.

Inventor： Elliott Brossard ,  Sukruth Komarla Sukumar ,  Isaac Kunen ,  Ju-yi Kuo ,  Jonathan Lee Leang ,  Edward Ma ,  Schuyler James Manchester ,  Polita Paulus ,  Saurin Shah ,  Igor Zinkovsky

IPC: G06F16/901 ,  G06F16/955 ,  G06F16/2455 ,  G06F16/22 ,  G06F16/908

Abstract: A file access system for user defined functions (UDFs) can be implemented on a distributed database system. The system can store UDF interfaces and file reference objects that can be called by other users. Upon a UDF being called, files on a stage, one or more interface objects (e.g., InputStream), and file reference objects can be implemented by execution nodes of the distributed database system. The execution nodes can implement multiple threads that are authenticated and can download file data from a staging location concurrently.

公开(公告)号：US11216322B1

公开(公告)日：2022-01-04

申请号：US17390930

申请日：2021-07-31

Applicant: Snowflake Inc.

Inventor： Isaac Kunen ,  Srinath Shankar ,  Zihan Li ,  Khushboo Bhatia ,  Edward Ma

IPC: G06F9/54 ,  G06F16/24 ,  G06F16/28 ,  G06F21/53 ,  G06F16/2455

Abstract: Disclosed are systems, methods, and non-transitory computer-readable media for a providing stored procedures in a network-based database system. A database system executes a stored procedure within a sandbox process. The sandbox process separates the stored procedure from the other services and processes of the database system and may also limit the resources (e.g., storage, memory, etc.) and functionality available to the stored procedure. Stored procedures are commonly designed to execute database queries that are processed by other components of the database system. To provide for secure communication between the stored procedure and the other components of the database system, the sandbox process is loaded with java database connectivity (JDBC) libraries (e.g., JDBC instance) that is modified to limit the communication abilities of the stored procedure.

公开(公告)号：US20210390007A1

公开(公告)日：2021-12-16

申请号：US17461576

申请日：2021-08-30

Applicant: Snowflake Inc.

Inventor： Istvan Cseri ,  Isaac Kunen ,  Igor Zinkovsky

IPC: G06F9/54 ,  H04L29/08 ,  H04L29/06 ,  G06F16/242

Abstract: A query referencing a function associated with a remote software component is received by a network-based data warehouse system. Temporary security credentials corresponding to a role at a cloud computing service platform are obtained. The role has permission to send calls to a web endpoint corresponding to the remote software component. A request comprising input data and electronically signed using the temporary security credentials is sent to a web Application Programming Interface (API) management system of the cloud computing service platform. The request, when received by the web API management system, causes the web API management system to invoke external functionality provided by the remote software component at the web endpoint with respect to the input data. A response comprising a result of invoking the external functionality is received from the web API management system, and the result data is processed according to the query.

公开(公告)号：US12242475B2

公开(公告)日：2025-03-04

申请号：US17039473

申请日：2020-09-30

Applicant: Snowflake Inc.

Inventor： Elliott Brossard ,  Istvan Cseri ,  Isaac Kunen ,  Nitya Kumar Sharma ,  Igor Zinkovsky

IPC: G06F16/2453

Abstract: External functions can provide users of a database system the ability to invoke external services while operating from inside the database system. The techniques described herein address may detect throttling by the external system and automatically adjust or modify a request rate accordingly. Also, the techniques described herein may increase the request rate to optimize the use of the resources provided by the external system. These techniques allow the database system to improve efficiency when working with external services, which may or may not be elastic or scalable. Moreover, these techniques can decrease query execution times and reduce costs.

公开(公告)号：US11948025B2

公开(公告)日：2024-04-02

申请号：US18326905

申请日：2023-05-31

Applicant: Snowflake Inc.

Inventor： Isaac Kunen ,  Srinath Shankar ,  Zihan Li ,  Khushboo Bhatia ,  Edward Ma

IPC: G06F9/54 ,  G06F16/2455 ,  G06F16/28 ,  G06F21/53

CPC classification number: G06F9/547 ,  G06F16/2455 ,  G06F16/289 ,  G06F21/53

Abstract: Methods, systems, and computer programs are presented for providing stored procedures stored within a database to invoke specified functionality in a cloud data platform. A response to a database query is received at a compute node of a cloud data platform. A java database connectivity (JDBC) instance executing within a sandbox process converts the response into a remote procedure call. The remote procedure call is provided to a stored procedure executing within the sandbox process as the response to the database query.

公开(公告)号：US11675640B2

公开(公告)日：2023-06-13

申请号：US17572205

申请日：2022-01-10

Applicant: Snowflake Inc.

Inventor： Istvan Cseri ,  Isaac Kunen ,  Igor Zinkovsky

IPC: G06F9/44 ,  G06F9/54 ,  H04L9/40 ,  G06F16/242 ,  H04L67/565

CPC classification number: G06F9/548 ,  G06F16/2448 ,  H04L63/0414 ,  H04L63/108 ,  H04L67/565 ,  G06F2209/549

Abstract: A query referencing a function associated with a remote software component is received by a network-based data warehouse system. Temporary security credentials corresponding to a role at a cloud computing service platform are obtained. The role has permission to send calls to a web endpoint corresponding to the remote software component. A request comprising input data and electronically signed using the temporary security credentials is sent to a web Application Programming Interface (API) management system of the cloud computing service platform. The request, when received by the web API management system, causes the web API management system to invoke external functionality provided by the remote software component at the web endpoint with respect to the input data. A response comprising a result of invoking the external functionality is received from the web API management system, and the result data is processed according to the query.