US 12,235,992 B2
Data clean rooms using defined access in trusted execution environment
Artin Avanes, Palo Alto, CA (US); Thierry Cruanes, San Mateo, CA (US); Monica J. Holboke, Toronto (CA); Allison Waingold Lee, Pebble Beach, CA (US); Subramanian Muralidhar, Mercer Island, WA (US); and David Schultz, Piedmont, CA (US)
Assigned to Snowflake Inc., Bozeman, MT (US)
Filed by Snowflake Inc., Bozeman, MT (US)
Filed on Nov. 30, 2022, as Appl. No. 18/060,504.
Application 18/060,504 is a continuation in part of application No. 18/051,457, filed on Oct. 31, 2022, granted, now 11,803,432.
Claims priority of provisional application 63/366,316, filed on Jun. 13, 2022.
Prior Publication US 2023/0401333 A1, Dec. 14, 2023
Int. Cl. G06F 21/62 (2013.01); G06F 9/54 (2006.01); G06F 16/2455 (2019.01); G06F 21/53 (2013.01)
CPC G06F 21/6245 (2013.01) [G06F 9/541 (2013.01); G06F 9/547 (2013.01); G06F 16/2456 (2019.01); G06F 21/53 (2013.01); G06F 21/6254 (2013.01); G06F 2221/032 (2013.01)]
21 Claims
 
1. A method performed by executing instructions on at least one hardware processor, the method comprising:
creating an application on a data-provider platform, the application comprising one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks;
sharing provider data with the application on the data-provider platform;
installing, in a trusted execution environment (TEE), an application instance of the application, the application instance comprising one or more APIs corresponding to the one or more APIs in the application on the data-provider platform;
sharing consumer data with the application instance from a data-consumer platform;
invoking one or more of the APIs of the application instance to execute respective associated underlying code blocks on the TEE, the respective associated underlying code blocks not being visible on the TEE; and
saving output of the one or more respective associated underlying code blocks to the data-consumer platform.