公开(公告)号：US20150127680A1

公开(公告)日：2015-05-07

申请号：US14530559

申请日：2014-10-31

Applicant: salesforce.com, inc.

Inventor： Arup Dutta ,  Prem Veeramani ,  Jesse Yarbro Collins

IPC: G06F17/30 ,  G06F21/62

CPC classification number: G06F17/30424 ,  G06F21/6218 ,  G06F21/85

Abstract: Embodiments regard protected handling of database queries. An embodiment of a method for querying database system views and tables includes: receiving a user query from a user, the user query being directed to one or both of a view and a table of a database, wherein the user is not a database administrator; parsing the user query with a query parser to identify elements of the user query, parsing the query including determining whether the query meets certain database access criteria; automatically generating a database query based on the parsing of the user query, the generation of the database query including generating a database query that is limited by the database access criteria; accessing the one or both of the view and the table using the generated database query, wherein the access is limited to read-only access; and obtaining a result of the access of the one or both of the view and table.

Abstract translation: 实施例涉及对数据库查询的保护处理。 用于查询数据库系统视图和表的方法的实施例包括：从用户接收用户查询，所述用户查询被定向到数据库的视图和表格中的一个或两个，其中所述用户不是数据库管理员; 用查询解析器解析所述用户查询以识别所述用户查询的元素，解析所述查询，包括确定所述查询是否满足某些数据库访问准则; 基于用户查询的解析自动生成数据库查询，生成数据库查询，包括生成受数据库访问条件限制的数据库查询; 使用所生成的数据库查询来访问所述视图和所述表中的一个或两个，其中所述访问被限制为只读访问; 并且获得视图和表中的一个或两者的访问结果。

公开(公告)号：US09953054B2

公开(公告)日：2018-04-24

申请号：US14257901

申请日：2014-04-21

Applicant: salesforce.com, inc.

Inventor： Jesse Yarbro Collins

IPC: G06F17/30 ,  G06F17/27

CPC classification number: G06F17/30442 ,  G06F17/2715 ,  G06F17/30312 ,  G06F17/3033 ,  G06F17/30336 ,  G06F17/30471 ,  G06F17/30477 ,  G06F17/30536

Abstract: In accordance with disclosed embodiments, there are provided systems and methods for implementing and maintaining sampled tables in a database system. According to a particular embodiment such a system includes a processor and a memory to execute instructions at the system; a database to store database records; a query interface to submit queries to the database and receive results from the database; triggers to initiate a hash function on database insert transactions, the hash function to hash a primary key of each database record to be inserted into the database to determine whether a first hash value of the primary key of the database record to be inserted satisfies a sampling condition; a sample table to store a sample record corresponding to any database record to be inserted into the database which satisfies the sampling condition based on the hash function; a primary key index providing a first index of the primary keys of the sample records stored in the sample table; and an ordered hash index providing a second index on a second hash value corresponding to a second hash of the primary key of the sample records stored in the sample table ordered numerically by the second hash value. Other related embodiments are disclosed.

公开(公告)号：US10268721B2

公开(公告)日：2019-04-23

申请号：US14530559

申请日：2014-10-31

Applicant: salesforce.com, inc.

Inventor： Arup Dutta ,  Prem Veeramani ,  Jesse Yarbro Collins

IPC: G06F17/00 ,  G06F17/30 ,  G06F21/62 ,  G06F21/85

Abstract: Embodiments regard protected handling of database queries. An embodiment of a method for querying database system views and tables includes: receiving a user query from a user, the user query being directed to one or both of a view and a table of a database, wherein the user is not a database administrator; parsing the user query with a query parser to identify elements of the user query, parsing the query including determining whether the query meets certain database access criteria; automatically generating a database query based on the parsing of the user query, the generation of the database query including generating a database query that is limited by the database access criteria; accessing the one or both of the view and the table using the generated database query, wherein the access is limited to read-only access; and obtaining a result of the access of the one or both of the view and table.

公开(公告)号：US20140317087A1

公开(公告)日：2014-10-23

申请号：US14257901

申请日：2014-04-21

Applicant: salesforce.com, inc.

Inventor： Jesse Yarbro Collins

IPC: G06F17/30

CPC classification number: G06F17/30442 ,  G06F17/2715 ,  G06F17/30312 ,  G06F17/3033 ,  G06F17/30336 ,  G06F17/30471 ,  G06F17/30477 ,  G06F17/30536

Abstract: In accordance with disclosed embodiments, there are provided systems and methods for implementing and maintaining sampled tables in a database system. According to a particular embodiment such a system includes a processor and a memory to execute instructions at the system; a database to store database records; a query interface to submit queries to the database and receive results from the database; triggers to initiate a hash function on database insert transactions, the hash function to hash a primary key of each database record to be inserted into the database to determine whether a first hash value of the primary key of the database record to be inserted satisfies a sampling condition; a sample table to store a sample record corresponding to any database record to be inserted into the database which satisfies the sampling condition based on the hash function; a primary key index providing a first index of the primary keys of the sample records stored in the sample table; and an ordered hash index providing a second index on a second hash value corresponding to a second hash of the primary key of the sample records stored in the sample table ordered numerically by the second hash value. Other related embodiments are disclosed.

Abstract translation: 根据所公开的实施例，提供了用于在数据库系统中实现和维护采样表的系统和方法。 根据特定实施例，这样的系统包括处理器和存储器，用于在系统处执行指令; 数据库存储数据库记录; 一个向数据库提交查询并从数据库接收结果的查询界面; 触发器启动数据库插入事务的散列函数，散列函数将要插入数据库的每个数据库记录的主键哈希，以确定要插入的数据库记录的主键的第一个哈希值是否满足采样 条件; 用于存储与要插入数据库的任何数据库记录相对应的样本记录的样本表，其基于散列函数满足采样条件; 提供存储在样本表中的样本记录的主键的第一索引的主键索引; 以及有序散列索引，其提供与存储在由第二哈希值数字排列的样本表中的样本记录的主键的主键的对应的第二散列值的第二索引。 公开了其他相关实施例。

公开(公告)号：US20180375838A1

公开(公告)日：2018-12-27

申请号：US15634447

申请日：2017-06-27

Applicant: salesforce.com, inc.

Inventor： Alexandre Hersans ,  Assaf Ben Gur ,  Jesse Yarbro Collins ,  Shreemanth Karthik Hosahalli Venkateshamurthy

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/06

Abstract: Some database systems may implement encryption services to improve the security of data stored in databases. Certain functionality may or may not be supported depending on the implemented encryption scheme. For example, the encryption service may perform deterministic encryption, which may support filtering and unicity on the resulting ciphertexts. To handle case insensitive filtering, the encryption service may encrypt both a plaintext value and a normalized (e.g., lowercased) plaintext value. A database may perform the case insensitive filtering on the stored ciphertexts corresponding to the normalized plaintext values, but may retrieve the ciphertexts corresponding to the standard plaintext values. To handle a unicity requirement, the database may generate additional unique identifiers to distinguish between duplicate ciphertexts. For example, during a key rotation process, potential duplicates may pass the unicity check based on the unique identifiers, and the database may later fix these potential duplicates.