Patents by Inventor Artin Avanes
Artin Avanes has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240119056Abstract: A method of implementing object tagging framework starts with the processor receiving a tag creation command including a tag name. In response to the tag creation command, the processor creates a current tag. The processor then receives an association command, the tag name and a source object identifier. The processor determines a source object associated with the source object identifier. The source object includes a tag value. The processor associates the current tag with the source object. The processor receives a replication command including the source object and a target object. The processor causes replication of the source object to the target object that comprises replicating the current tag with the tag name and the tag value in the source object to the target object. Other embodiments are also described herein.Type: ApplicationFiled: December 19, 2023Publication date: April 11, 2024Inventors: Artin Avanes, Khalid Zaman Bijon, Yujie Li, Zheng Mi, Subramanian Muralidhar, David Schultz
-
Publication number: 20240095393Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.Type: ApplicationFiled: November 28, 2023Publication date: March 21, 2024Inventors: Artin Avanes, Khalid Zaman Bijon, Zheng Mi, Subramanian Muralidhar, David Schultz, Jian Xu
-
Publication number: 20240061948Abstract: Using container-centric managed access, an administrator is enabled to define a set of future grants for each object that will be created in the future in a container managed by the administrator. When a user creates a database object, the system checks the future grants to determine if any apply to the user, the database object, or the combination. Any applicable future grants are applied to the database object before the user is allowed to modify it. As a result, the administrator is enabled to control the privileges associated with the database object even before the database object is created, while restricting individual object owners from managing privileges on their owned objects.Type: ApplicationFiled: October 30, 2023Publication date: February 22, 2024Inventors: Artin Avanes, Khalid Zaman Bijion, Peter Povinec
-
Patent number: 11886441Abstract: A method of implementing object tagging framework starts with the processor receiving a tag creation command including a tag name. In response to the tag creation command, the processor creates a current tag. The processor then receives an association command, the tag name and a source object identifier. The processor determines a source object associated with the source object identifier. The source object includes a tag value. The processor associates the current tag with the source object. The processor receives a replication command including the source object and a target object. The processor causes replication of the source object to the target object that comprises replicating the current tag with the tag name and the tag value in the source object to the target object. Other embodiments are also described herein.Type: GrantFiled: November 7, 2022Date of Patent: January 30, 2024Assignee: Snowflake Inc.Inventors: Artin Avanes, Khalid Zaman Bijon, Yujie Li, Zheng Mi, Subramanian Muralidhar, David Schultz
-
Patent number: 11868502Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.Type: GrantFiled: June 27, 2023Date of Patent: January 9, 2024Assignee: Snowflake Inc.Inventors: Artin Avanes, Khalid Zaman Bijon, Zheng Mi, Subramanian Muralidhar, David Schultz, Jian Xu
-
Publication number: 20230418699Abstract: In an embodiment, a data platform creates an application in a data-provider account. The application includes one or more APIs corresponding to one or more underlying code blocks. The data platform shares provider data with the application in the data-provider account, and also installs, in a data-consumer account, an application instance of the application. The application instance includes one or more APIs corresponding to the one or more APIs in the application in the data-provider account. The data platform shares consumer data with the application instance in the data-consumer account, and invokes one or more of the APIs of the application instance to execute respective associated underlying code blocks, which are not visible to the data-consumer account. The data platform also saves output of the one or more respective associated underlying code blocks locally within the data-consumer account.Type: ApplicationFiled: September 6, 2023Publication date: December 28, 2023Inventors: Artin Avanes, Thierry Cruanes, Monica J. Holboke, Allison Waingold Lee, Subramanian Muralidhar, David Schultz
-
Publication number: 20230401334Abstract: A data platform creates an application in a data-provider account, where the application includes one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks. The data platform shares homomorphically encrypted provider data with the application in the data-provider account. The data platform installs, in a data-consumer account, an application instance of the application. The data platform shares homomorphically encrypted consumer data with the application instance in the data-consumer account. The data platform invokes one or more of the APIs of the application instance to execute respective associated underlying code blocks, which are not visible to the data-consumer account, and which operate on the shared homomorphically encrypted provider data and the shared homomorphically encrypted consumer data. The data platform saves homomorphically encrypted output of the one or more respective associated underlying code blocks locally within the data-consumer account.Type: ApplicationFiled: June 30, 2023Publication date: December 14, 2023Inventors: Artin Avanes, Thierry Cruanes, Monica J. Holboke, Allison Waingold Lee, Subramanian Muralidhar, David Schultz
-
Publication number: 20230401333Abstract: In an embodiment, an application is created on a data-provider platform. The application includes one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks. Provider data is shared with the application on the data-provider platform. An application instance of the application is installed in a trusted execution environment (TEE). The application instance includes one or more APIs corresponding to the one or more APIs in the application on the data-provider platform. Consumer data is shared with the application instance from a data-consumer platform. One or more of the APIs of the application instance are invoked to execute, on the TEE, respective associated underlying code blocks that are not visible on the TEE. The output of the one or more respective associated underlying code blocks is saved to the data-consumer platform.Type: ApplicationFiled: November 30, 2022Publication date: December 14, 2023Inventors: Artin Avanes, Thierry Cruanes, Monica J. Holboke, Allison Waingold Lee, Subramanian Muralidhar, David Schultz
-
Patent number: 11841969Abstract: Using container-centric managed access, an administrator is enabled to define a set of future grants for each object that will be created in the future in a container managed by the administrator. When a user creates a database object, the system checks the future grants to determine if any apply to the user, the database object, or the combination. Any applicable future grants are applied to the database object before the user is allowed to modify it. As a result, the administrator is enabled to control the privileges associated with the database object even before the database object is created, while restricting individual object owners from managing privileges on their owned objects.Type: GrantFiled: November 22, 2022Date of Patent: December 12, 2023Assignee: Snowflake Inc.Inventors: Artin Avanes, Khalid Zaman Bijon, Peter Povinec
-
Publication number: 20230385289Abstract: A method of implementing object tagging framework starts with the processor receiving a tag creation command including a tag name. In response to the tag creation command, the processor creates a current tag. The processor then receives an association command, the tag name and a target object identifier. The processor determines a target object associated with the target object identifier. The target object includes a tag value. The processor associates the current tag with the target object. The processor identifies a first child object of the target object. The target object and the first child object are hierarchical objects. In response to determining that the first child object is tag-unassociated, the processor associates the current tag with the first child object. In response to receiving a query including the tag name, the processor generates an output based on the tag name. Other embodiments are also described herein.Type: ApplicationFiled: August 9, 2023Publication date: November 30, 2023Inventors: Artin Avanes, Khalid Zaman Bijon, Yujie Li, Zheng Mi, Subramanian Muralidhar, David Schultz
-
Patent number: 11803432Abstract: In an embodiment, a data platform creates an application in a data-provider account. The application includes one or more APIs corresponding to one or more underlying code blocks. The data platform shares provider data with the application in the data-provider account, and also installs, in a data-consumer account, an application instance of the application. The application instance includes one or more APIs corresponding to the one or more APIs in the application in the data-provider account. The data platform shares consumer data with the application instance in the data-consumer account, and invokes one or more of the APIs of the application instance to execute respective associated underlying code blocks, which are not visible to the data-consumer account. The data platform also saves output of the one or more respective associated underlying code blocks locally within the data-consumer account.Type: GrantFiled: October 31, 2022Date of Patent: October 31, 2023Assignee: Snowflake Inc.Inventors: Artin Avanes, Thierry Cruanes, Monica J. Holboke, Allison Waingold Lee, Subramanian Muralidhar, David Schultz
-
Publication number: 20230334167Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.Type: ApplicationFiled: June 27, 2023Publication date: October 19, 2023Inventors: Artin Avanes, Khalid Zaman Bijon, Zheng Mi, Subramanian Muralidhar, David Schultz, Jian Xu
-
Patent number: 11763029Abstract: A data platform creates an application in a data-provider account, where the application includes one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks. The data platform shares homomorphically encrypted provider data with the application in the data-provider account. The data platform installs, in a data-consumer account, an application instance of the application. The data platform shares homomorphically encrypted consumer data with the application instance in the data-consumer account. The data platform invokes one or more of the APIs of the application instance to execute respective associated underlying code blocks, which are not visible to the data-consumer account, and which operate on the shared homomorphically encrypted provider data and the shared homomorphically encrypted consumer data. The data platform saves homomorphically encrypted output of the one or more respective associated underlying code blocks locally within the data-consumer account.Type: GrantFiled: January 31, 2023Date of Patent: September 19, 2023Assignee: Snowflake Inc.Inventors: Artin Avanes, Thierry Cruanes, Monica J. Holboke, Allison Waingold Lee, Subramanian Muralidhar, David Schultz
-
Patent number: 11727139Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.Type: GrantFiled: September 29, 2022Date of Patent: August 15, 2023Assignee: Snowflake Inc.Inventors: Artin Avanes, Khalid Zaman Bijon, Zheng Mi, Subramanian Muralidhar, David Schultz, Jian Xu
-
Publication number: 20230177210Abstract: A data platform creates an application in a data-provider account, where the application includes one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks. The data platform shares homomorphically encrypted provider data with the application in the data-provider account. The data platform installs, in a data-consumer account, an application instance of the application. The data platform shares homomorphically encrypted consumer data with the application instance in the data-consumer account. The data platform invokes one or more of the APIs of the application instance to execute respective associated underlying code blocks, which are not visible to the data-consumer account, and which operate on the shared homomorphically encrypted provider data and the shared homomorphically encrypted consumer data. The data platform saves homomorphically encrypted output of the one or more respective associated underlying code blocks locally within the data-consumer account.Type: ApplicationFiled: January 31, 2023Publication date: June 8, 2023Inventors: Artin Avanes, Thierry Cruanes, Monica J. Holboke, Allison Waingold Lee, Subramanian Muralidhar, David Schultz
-
Publication number: 20230102349Abstract: A shared database platform implements dynamic masking on data shared between users where specific data is masked, transformed, or otherwise modified based on preconfigured functions that are associated with user roles. The shared database platform can implement the masking at runtime dynamically in response to users requesting access to a database object that is associated with one or more masking policies.Type: ApplicationFiled: December 7, 2022Publication date: March 30, 2023Inventors: Artin Avanes, Khalid Zaman Bijon, Damien Carru, Thierry Cruanes, Vikas Jain, Zheng Mi, Subramanian Muralidhar
-
Publication number: 20230089449Abstract: Using container-centric managed access, an administrator is enabled to define a set of future grants for each object that will be created in the future in a container managed by the administrator. When a user creates a database object, the system checks the future grants to determine if any apply to the user, the database object, or the combination. Any applicable future grants are applied to the database object before the user is allowed to modify it. As a result, the administrator is enabled to control the privileges associated with the database object even before the database object is created, while restricting individual object owners from managing privileges on their owned objects.Type: ApplicationFiled: November 22, 2022Publication date: March 23, 2023Inventors: Artin Avanes, Khalid Zaman Bijon, Peter Povinec
-
Publication number: 20230062496Abstract: A method of implementing object tagging framework starts with the processor receiving a tag creation command including a tag name. In response to the tag creation command, the processor creates a current tag. The processor then receives an association command, the tag name and a source object identifier. The processor determines a source object associated with the source object identifier. The source object includes a tag value. The processor associates the current tag with the source object. The processor receives a replication command including the source object and a target object. The processor causes replication of the source object to the target object that comprises replicating the current tag with the tag name and the tag value in the source object to the target object. Other embodiments are also described herein.Type: ApplicationFiled: November 7, 2022Publication date: March 2, 2023Inventors: Artin Avanes, Khalid Zaman Bijon, Yujie Li, Zheng Mi, Subramanian Muralidhar, David Schultz
-
Patent number: 11574072Abstract: A shared database platform implements dynamic masking on data shared between users where specific data is masked, transformed, or otherwise modified based on preconfigured functions that are associated with user roles. The shared database platform can implement the masking at runtime dynamically in response to users requesting access to a database object that is associated with one or more masking policies.Type: GrantFiled: May 28, 2021Date of Patent: February 7, 2023Assignee: Snowflake Inc.Inventors: Artin Avanes, Khalid Zaman Bijon, Damien Carru, Thierry Cruanes, Vikas Jain, Zheng Mi, Subramanian Muralidhar
-
Publication number: 20230022027Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.Type: ApplicationFiled: September 29, 2022Publication date: January 26, 2023Inventors: Artin Avanes, Khalid Zaman Bijon, Zheng Mi, Subramanian Muralidhar, David Schultz, Jian Xu