公开(公告)号：US11700112B2

公开(公告)日：2023-07-11

申请号：US16863402

申请日：2020-04-30

Applicant: salesforce.com, inc.

Inventor： Alexandre Hersans ,  John Bracken ,  Assaf Ben Gur ,  William Charles Mortimore, Jr. ,  Swaroop Shere

IPC: H04L9/08 ,  H04L9/14 ,  G06F12/123 ,  G06F12/0813

CPC classification number: H04L9/0822 ,  G06F12/0813 ,  G06F12/123 ,  H04L9/0894 ,  H04L9/14 ,  G06F2212/60 ,  G06F2212/62

Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.

公开(公告)号：US20190097791A1

公开(公告)日：2019-03-28

申请号：US15716677

申请日：2017-09-27

Applicant: salesforce.com, Inc.

Inventor： Alexandre Hersans ,  John Bracken ,  Assaf Ben Gur ,  Charles Mortimore ,  Swaroop Shere

IPC: H04L9/08 ,  H04L9/14 ,  G06F12/0813 ,  G06F12/123

Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.

公开(公告)号：US20220092713A1

公开(公告)日：2022-03-24

申请号：US17447917

申请日：2021-09-16

Applicant: salesforce.com, inc.

Inventor： John Bracken ,  Adam Putinski ,  Adam Torman ,  Carlos Enrique Mogollan Jimenez ,  Cloves Carneiro Junior ,  Shaun Russell

IPC: G06Q50/20 ,  G06Q30/02 ,  G06F9/54

Abstract: Technologies are provided for tracking learning progress of an end user of a cloud computing platform when the end user is not registered with an external learning platform that provides an external learning application. In response to the end user interacting with virtual learning entities provided at the cloud computing platform, learning progress information with respect to the external learning application is generated. The interaction by the end user takes place in the context of an application provided by the cloud computing platform while in an active web session. The virtual learning entities represent content of the external learning application (e.g., learning content and contextual user information of the external learning application). When a user service of the external learning platform receives a request to persist the learning progress information for the end user, the user service can determine whether a corresponding user account (e.g., an escrow user account or a full user account) exists at the external learning platform that corresponds to the end user. If a corresponding user account does not exist, the user service can automatically provision an escrow user account that is associated with the end user. The escrow user account persists the learning progress information of the end user.

公开(公告)号：US20220091860A1

公开(公告)日：2022-03-24

申请号：US17447889

申请日：2021-09-16

Applicant: salesforce.com, inc.

Inventor： Shaun Russell ,  John Bracken ,  Adam Torman ,  Cloves Carneiro Junior ,  Carlos Enrique Mogollan Jimenez

IPC: G06F9/451 ,  H04L29/08

Abstract: Technologies are provided for integrating learning data provided by an external learning platform (ELP) to create a custom learner experience within a context of an application provided by a cloud computing platform (CCP). The system can include the CCP, the ELP, learner APIs that expose a common learning data schema on the CCP, and a user interface platform (UIP). The UIP can include a compiler that transforms source code of UICs of a componentized learner user interface for usage on the CCP, and a bundler that generates a package of UI components (UICs) that are compatible for usage on the CCP. The UICs are specific to the learning data schema shared with the learner APIs. The UIP exports the package to the CCP, which composes the learning data provided via learner APIs and UICs from the package to provide the custom learner experience within the context of the application.

公开(公告)号：US20200322139A1

公开(公告)日：2020-10-08

申请号：US16863402

申请日：2020-04-30

Applicant: salesforce.com, Inc.

Inventor： Alexandre Hersans ,  John Bracken ,  Assaf Ben Gur ,  William Charles Mortimore, JR. ,  Swaroop Shere

IPC: H04L9/08 ,  H04L9/14 ,  G06F12/123 ,  G06F12/0813

Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.

公开(公告)号：US10680804B2

公开(公告)日：2020-06-09

申请号：US15716677

申请日：2017-09-27

Applicant: salesforce.com, inc.

Inventor： Alexandre Hersans ,  John Bracken ,  Assaf Ben Gur ,  William Charles Mortimore, Jr. ,  Swaroop Shere

IPC: H04L9/08 ,  H04L9/14 ,  G06F12/123 ,  G06F12/0813

Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.