公开(公告)号：US11238174B2

公开(公告)日：2022-02-01

申请号：US16263751

申请日：2019-01-31

Applicant: salesforce.com, inc.

Inventor： Terry Chong ,  Jameison Bear Martin ,  Thomas Fanghaenel ,  Andrew Tucker ,  Nathaniel Wyatt ,  Raghavendran Hanumantharau ,  Assaf Ben-Gur ,  William Charles Mortimore, Jr.

IPC: G06F21/62 ,  G06F16/2455 ,  G06F21/60 ,  H04L9/08

Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.

公开(公告)号：US11748320B2

公开(公告)日：2023-09-05

申请号：US17184697

申请日：2021-02-25

Applicant: salesforce.com, inc.

Inventor： Alexandre Hersans ,  Swaroop Shere ,  Chenghung Ker ,  Parth Vijay Vaishnav ,  Assaf Ben-Gur ,  Victor Weilin Liu ,  Daniel McGarry ,  Samatha Sanikommu

IPC: G06F16/00 ,  G06F16/215 ,  G06F21/60 ,  G06Q30/01 ,  G06F16/22 ,  G06F16/23 ,  G06F16/2458

CPC classification number: G06F16/215 ,  G06F16/2237 ,  G06F16/2365 ,  G06F16/2468 ,  G06F21/602 ,  G06Q30/01

Abstract: Disclosed herein are system, method, and computer program product embodiments for detecting duplicates with exact and fuzzy matching on encrypted match indexes using an encryption key in a cloud computing platform. An embodiment operates by determining a match rule index value upon reception of a new record. The embodiment encrypts the match index rule value using the customer's encryption key and a deterministic encryption method and stores the encrypted match rule index value. Duplicate detection may be later performed by using the same deterministic encryption method to determine a cypher text for a candidate entry and comparing the ciphertext to the stored encrypted match indexes.

公开(公告)号：US10942906B2

公开(公告)日：2021-03-09

申请号：US16026819

申请日：2018-07-03

Applicant: salesforce.com, inc.

Inventor： Alexandre Hersans ,  Swaroop Shere ,  Chenghung Ker ,  Parth Vijay Vaishnav ,  Assaf Ben-Gur ,  Victor Weilin Liu ,  Daniel McGarry ,  Samatha Sanikommu

IPC: G06F16/00 ,  G06F16/215 ,  G06F21/60 ,  G06Q30/00 ,  G06F16/22 ,  G06F16/23 ,  G06F16/2458

Abstract: Disclosed herein are system, method, and computer program product embodiments for detecting duplicates with exact and fuzzy matching on encrypted match indexes using an encryption key in a cloud computing platform. An embodiment operates by determining a match rule index value upon reception of a new record. The embodiment encrypts the match index rule value using the customer's encryption key and a deterministic encryption method and stores the encrypted match rule index value. Duplicate detection may be later performed by using the same deterministic encryption method to determine a cypher text for a candidate entry and comparing the ciphertext to the stored encrypted match indexes.

公开(公告)号：US20200250325A1

公开(公告)日：2020-08-06

申请号：US16263751

申请日：2019-01-31

Applicant: salesforce.com, inc.

Inventor： Terry Chong ,  Jameison Bear Martin ,  Thomas Fanghaenel ,  Andrew Tucker ,  Nathaniel Wyatt ,  Raghavendran Hanumantharau ,  Assaf Ben-Gur ,  William Charles Mortimore, JR.

IPC: G06F21/62 ,  G06F21/60 ,  H04L9/08 ,  G06F16/2455

Abstract: System and methods of the disclosed subject matter provide segregating, at a memory storage coupled to a multitenant database system, first tenant data of a first tenant from at least second tenant data of a second tenant, based on a first tenant identifier. A first encryption key associated with the first tenant may be retrieved from a key cache memory based on the first tenant identifier, to encrypt one or more fragments of the first tenant data. The fragments of the first tenant data may be encrypted based on the retrieved encryption key. Non-encrypted header information may be generated for each of the encrypted fragments of the first tenant data, where the header information may have metadata including the first tenant identifier. The encrypted fragments of the first tenant data and the corresponding non-encrypted header information may be stored in the immutable storage.