US 11,838,373 B2
Remote execution using a global identity
Khalid Zaman Bijon, Santa Cruz, CA (US); Damien Carru, New York, NY (US); Christopher Peter Child, Tiburon, CA (US); Eric Karlson, Alameda, CA (US); and Zheng Mi, Palo Alto, CA (US)
Assigned to Snowflake Inc., Bozeman, MT (US)
Filed by Snowflake Inc., Bozeman, MT (US)
Filed on Jan. 4, 2023, as Appl. No. 18/149,799.
Application 18/149,799 is a continuation of application No. 17/661,096, filed on Apr. 28, 2022, granted, now 11,570,259.
Application 17/661,096 is a continuation of application No. 17/345,101, filed on Jun. 11, 2021, granted, now 11,349,952.
Application 17/345,101 is a continuation of application No. 16/931,808, filed on Jul. 17, 2020, granted, now 11,057,491.
Prior Publication US 2023/0141984 A1, May 11, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 67/306 (2022.01); G06F 9/54 (2006.01); H04L 9/40 (2022.01); G06F 21/31 (2013.01); H04L 67/02 (2022.01); H04L 41/50 (2022.01); H04L 41/5041 (2022.01); H04L 67/10 (2022.01); H04L 67/1097 (2022.01); H04L 67/59 (2022.01); H04L 67/60 (2022.01)
CPC H04L 67/306 (2013.01) [G06F 9/547 (2013.01); G06F 21/31 (2013.01); H04L 41/50 (2013.01); H04L 41/5041 (2013.01); H04L 63/08 (2013.01); H04L 63/0815 (2013.01); H04L 63/102 (2013.01); H04L 63/20 (2013.01); H04L 67/02 (2013.01); H04L 67/10 (2013.01); H04L 67/1097 (2013.01); H04L 67/59 (2022.05); H04L 67/60 (2022.05)] 21 Claims
OG exemplary drawing
 
1. A method comprising:
establishing, at a first deployment, a login session for a user providing access to a plurality of accounts associated with an organization based on a one-way trust relationship and based on a global identity;
receiving, from the user, a command associated with a first account of the plurality of accounts;
transmitting, from the first deployment, to a second deployment a request to establish a remote session with the first account, the request including an authentication token;
establishing, by the second deployment, the remote session with a remote session ID;
establishing, by the second deployment, a proxy user associated with the user for the remote session, the proxy user standing in for the user;
transmitting, from the first deployment, an execution request to the second deployment, the execution request including the remote session ID; and
executing, at the second deployment, the execution request in context of the proxy user in the remote session.