Patents by Inventor Andong Zhan
Andong Zhan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11930045Abstract: Methods, systems, and computer programs are presented for enabling any sandboxed user-defined function code to securely access the Internet via a cloud data platform. A remote procedure call is received by a cloud data platform from a user-defined function (UDF) executing within a sandbox process. The UDF includes code related to at least one operation to be performed. The cloud data platform provides an overlay network to establish a secure egress path for UDF external access. The cloud data platform enables the UDF executing in the sandbox process to initiate a network call.Type: GrantFiled: April 28, 2023Date of Patent: March 12, 2024Assignee: Snowflake Inc.Inventors: Brandon S. Baker, Derek Denny-Brown, Michael A. Halcrow, Sven Tenzing Choden Konigsmark, Niranjan Kumar Sharma, Nitya Kumar Sharma, Haowei Yu, Andong Zhan
-
Patent number: 11822645Abstract: A method for tracing function execution includes instantiating, by at least one hardware processor of a computing node, a user code runtime configured with access to an operating system (OS) kernel of the computing node. The user code runtime is configured with a first set of filtering policies associated with a first set of allowed system calls. The OS kernel is configured with a second set of filtering policies associated with a second set of allowed system calls. A system call initiated by the user code runtime is detected to violate one or both of the first set of allowed system calls and the second set of allowed system calls. A trace of the system call is initiated based on the detecting.Type: GrantFiled: January 30, 2023Date of Patent: November 21, 2023Assignee: Snowflake Inc.Inventors: Brandon S. Baker, Derek Denny-Brown, Mark M. Manning, Andong Zhan
-
Publication number: 20230359727Abstract: A method for tracing function execution includes instantiating, by at least one hardware processor of a computing node, a user-defined function (UDF) server associated with a plurality of configurations. A plurality of child processes of the UDF server are instantiated using the plurality of configurations. A filtering process is configured at an operating system (OS) kernel of the computing node using a child process of the plurality of child processes. The filtering process includes a set of system call categories and a corresponding set of filtering policies. A system call received at the OS kernel and associated with a system call category of the set of system call categories is detected to violate a corresponding filtering policy of the set of filtering policies. A tracing event of the system call is initiated based on the detecting.Type: ApplicationFiled: July 20, 2023Publication date: November 9, 2023Inventors: Brandon S. Baker, Dereck Denny-Brown, Mark M. Manning, Andong Zhan
-
Publication number: 20230177145Abstract: A method for tracing function execution includes instantiating, by at least one hardware processor of a computing node, a user code runtime configured with access to an operating system (OS) kernel of the computing node. The user code runtime is configured with a first set of filtering policies associated with a first set of allowed system calls. The OS kernel is configured with a second set of filtering policies associated with a second set of allowed system calls. A system call initiated by the user code runtime is detected to violate one or both of the first set of allowed system calls and the second set of allowed system calls. A trace of the system call is initiated based on the detecting.Type: ApplicationFiled: January 30, 2023Publication date: June 8, 2023Inventors: Brandon S. Baker, Derek Denny-Brown, Mark M. Manning, Andong Zhan
-
Patent number: 11640458Abstract: A system includes at least one hardware processor of a computing node and at least one memory storing instructions that cause the at least one hardware processor to perform operations. The operations include instantiating a user code runtime to execute within a sandbox process. The sandbox process configures access by the user code runtime to an operating system (OS) kernel of the computing node. The OS kernel is configured with one or more filtering policies. A determination is performed of whether a system call received by the OS kernel violates the one or more filtering policies. The system call is triggered by at least one operation of the user code runtime. A tracing event is instantiated to trace execution of the system call based on the determination.Type: GrantFiled: June 29, 2022Date of Patent: May 2, 2023Assignee: Snowflake Inc.Inventors: Brandon S. Baker, Derek Denny-Brown, Mark M. Manning, Andong Zhan
-
Publication number: 20220391492Abstract: A system includes at least one hardware processor of a computing node and at least one memory storing instructions that cause the at least one hardware processor to perform operations. The operations include instantiating a user code runtime to execute within a sandbox process. The sandbox process configures access by the user code runtime to an operating system (OS) kernel of the computing node. The OS kernel is configured with one or more filtering policies. A determination is performed of whether a system call received by the OS kernel violates the one or more filtering policies. The system call is triggered by at least one operation of the user code runtime. A tracing event is instantiated to trace execution of the system call based on the determination.Type: ApplicationFiled: June 29, 2022Publication date: December 8, 2022Inventors: Brandon S. Baker, Derek Denny-Brown, Mark M. Manning, Andong Zhan
-
Patent number: 11494386Abstract: A shared database platform can interface with a cluster computing platform over a network through a connector. The data transferred over the network can include metadata result packages that can be distributed to worker nodes of the cluster computing platform, which receive the metadata objects and access the result data for further processing on a staging platform, such as a scalable storage platform.Type: GrantFiled: January 4, 2022Date of Patent: November 8, 2022Assignee: Snowflake Inc.Inventors: Bing Li, Edward Ma, Mingli Rui, Haowei Yu, Andong Zhan
-
Patent number: 11409864Abstract: Provided herein are systems and methods for tracing and tracing supervision of UDFs in a database system. For example, a method includes receiving a user-defined function (UDF), the UDF including code related to at least one operation to be performed. A user code runtime is instantiated to execute the code of the UDF as a child process. The user code runtime includes a filtering process configured with a plurality of filtering policies. A system call of the at least one operation is detected based on a notification from an operating system (OS) manager, the notification identifying the system call. A determination is made on whether performing the system call is permitted based on the plurality of filtering policies. A report is generated based on the determining.Type: GrantFiled: July 30, 2021Date of Patent: August 9, 2022Assignee: Snowflake Inc.Inventors: Brandon S. Baker, Derek Denny-Brown, Mark M. Manning, Andong Zhan
-
Publication number: 20220129467Abstract: A shared database platform can interface with a cluster computing platform over a network through a connector. The data transferred over the network can include metadata result packages that can be distributed to worker nodes of the cluster computing platform, which receive the metadata objects and access the result data for further processing on a staging platform, such as a scalable storage platform.Type: ApplicationFiled: January 4, 2022Publication date: April 28, 2022Inventors: Bing Li, Edward Ma, Mingli Rui, Haowei Yu, Andong Zhan
-
Patent number: 11295009Abstract: The subject technology receives, in a computing process, a user defined function, the user defined function including code related to at least one operation to be performed. The subject technology determines by a security manager whether performing the at least one operation is permitted, the security manager determines restrictions, based at least in part on a security policy. The subject technology performs the at least one operation. The subject technology sends a result of the at least one operation to the computing process, where sending the result of the at least one operation utilizes a data transport mechanism that supports a network transfer of columnar data.Type: GrantFiled: June 18, 2021Date of Patent: April 5, 2022Assignee: Snowflake Inc.Inventors: Elliott Brossard, Derek Denny-Brown, Isaac Kunen, Soumitr Rajiv Pandey, Jacob Salassi, Srinath Shankar, Haowei Yu, Andong Zhan
-
Patent number: 11250005Abstract: A shared database platform can interface with a cluster computing platform over a network through a connector. The data transferred over the network can include metadata result packages that can be distributed to worker nodes of the cluster computing platform, which receive the metadata objects and access the result data for further processing on a staging platform, such as a scalable storage platform.Type: GrantFiled: June 18, 2020Date of Patent: February 15, 2022Assignee: Snowflake Inc.Inventors: Bing Li, Edward Ma, Mingli Rui, Haowei Yu, Andong Zhan
-
Publication number: 20210374235Abstract: The subject technology receives, in a computing process, a user defined function, the user defined function including code related to at least one operation to be performed. The subject technology determines by a security manager whether performing the at least one operation is permitted, the security manager determines restrictions, based at least in part on a security policy. The subject technology performs the at least one operation. The subject technology sends a result of the at least one operation to the computing process, where sending the result of the at least one operation utilizes a data transport mechanism that supports a network transfer of columnar data.Type: ApplicationFiled: June 18, 2021Publication date: December 2, 2021Inventors: Elliott Brossard, Derek Denny-Brown, Isaac Kunen, Soumitr Rajiv Pandey, Jacob Salassi, Srinath Shankar, Haowei Yu, Andong Zhan
-
Patent number: 11113390Abstract: The subject technology receives, in a first computing process, a user defined function, the user defined function including code related to at least one operation to be performed. The subject technology sends a request based at least in part on the at least one operation to a second computing process to perform. The subject technology determines, by a security manager executing within the second computing process, whether performing the at least one operation is permitted, the security manager determines restrictions, based at least in part on a security policy, on operations executing within a sandbox environment provided by the second computing process. The subject technology performs, in the second computing process, the at least one operation, the security manager executing within the second computing process.Type: GrantFiled: April 21, 2021Date of Patent: September 7, 2021Assignee: Snowflake Inc.Inventors: Elliott Brossard, Derek Denny-Brown, Isaac Kunen, Soumitr Rajiv Pandey, Jacob Salassi, Srinath Shankar, Haowei Yu, Andong Zhan
-
Publication number: 20210191945Abstract: A shared database platform can interface with a cluster computing platform over a network through a connector. The data transferred over the network can include metadata result packages that can be distributed to worker nodes of the cluster computing platform, which receive the metadata objects and access the result data for further processing on a staging platform, such as a scalable storage platform.Type: ApplicationFiled: June 18, 2020Publication date: June 24, 2021Inventors: Bing Li, Edward Ma, Mingli Rui, Haowei Yu, Andong Zhan
-
Patent number: 10997286Abstract: The subject technology receives, in a first computing process, a user defined function, the user defined function including code related to at least one operation to be performed. The subject technology sends a request based on the at least one operation to a second computing process to perform, the second computing process being different than the first computing process and comprising a sandbox for executing the at least one operation. The subject technology receives, by the second computing process, the request. The subject technology determines, using at least a security policy, whether performing the at least one operation is permitted. The subject technology performs, in the second computing process, the least one operation. The subject technology sends, by the second computing process, a result of the at least one operation to the first computing process.Type: GrantFiled: July 31, 2020Date of Patent: May 4, 2021Assignee: Snowflake Inc.Inventors: Elliott Brossard, Derek Denny-Brown, Isaac Kunen, Soumitr Rajiv Pandey, Jacob Salassi, Srinath Shankar, Haowei Yu, Andong Zhan
-
Patent number: 10719517Abstract: A shared database platform can interface with a cluster computing platform over a network through a connector. The data transferred over the network can include metadata result packages that can be distributed to worker nodes of the duster computing platform, which receive the metadata objects and access the result data for further processing on a staging platform, such as a scalable storage platform.Type: GrantFiled: December 18, 2019Date of Patent: July 21, 2020Assignee: Snowflake Inc.Inventors: Bing Li, Edward Ma, Mingli Rui, Haowei Yu, Andong Zhan
-
Publication number: 20190384421Abstract: Systems and methods provide for removing and/or hiding the negative effects of at least some of the latency between, e.g., detection of motion of a device such as a three-dimensional (3D) pointing device and corresponding redrawing of the cursor on a display. A method for masking latency associated with displaying a cursor on a display includes: receiving data associated with motion of an input device at a first time; using the data to determine a cursor position associated with the first time; determining a predicted cursor position at a future time relative to the first time using the determined cursor position; and displaying the cursor on the display at a position based on the predicted cursor position.Type: ApplicationFiled: August 26, 2019Publication date: December 19, 2019Inventors: Bryan A. Cook, Thomas V. Trimeloni, Andong Zhan, Daniel Simpkins, Charles W.K. Gritton
-
Publication number: 20180206775Abstract: An embodiment in accordance with the present invention includes a smartphone based platform that can be used to objectively and remotely measure aspects related to PD (e.g., voice, balance, dexterity, gait, and reaction time), activities of daily living, and PD medicine response. The present invention includes a unified PD-specific remote monitoring platform that incorporates both active and passive tests to provide high frequency monitoring of symptoms and activities of daily living related to PD and medicine response. The platform of the present invention does not require specialized medical hardware.Type: ApplicationFiled: January 23, 2018Publication date: July 26, 2018Inventors: Suchi Saria, Andong Zhan
-
Publication number: 20180046265Abstract: Systems and methods provide for removing and/or hiding the negative effects of at least some of the latency between, e.g., detection of motion of a device such as a three dimensional (3D) pointing device and corresponding redrawing of the cursor on a display. A method for masking latency associated with displaying a cursor on a display includes: receiving data associated with motion of an input device at a first time; using the data to determine a cursor position associated with the first time; determining a predicted cursor position at a future time relative to the first time using the determined cursor position; and displaying the cursor on the display at a position based on the predicted cursor position.Type: ApplicationFiled: October 5, 2017Publication date: February 15, 2018Inventors: Bryan A. Cook, Thomas V. Trimeloni, Andong Zhan, Daniel Simpkins, Charles W.K. Gritton