	US 12,248,595 B2
	Network intrusion event response and protection
Marion A. Brown, Spring, TX (US); and Keith M. Hoyle, Montgomery, TX (US)
Assigned to Snowflake Inc., Bozeman, MT (US)
Filed by Snowflake Inc., Bozeman, MT (US)
Filed on Apr. 25, 2023, as Appl. No. 18/306,799.
Prior Publication US 2024/0362351 A1, Oct. 31, 2024
Int. Cl. G06F 21/62 (2013.01); G06F 16/182 (2019.01); H04L 9/08 (2006.01); H04L 9/40 (2022.01)

CPC G06F 21/6218 (2013.01) [G06F 16/184 (2019.01); H04L 9/0816 (2013.01); H04L 63/1416 (2013.01); G06F 2221/2107 (2013.01)]

30 Claims

1. A system comprising:

at least one hardware processor; and

at least one memory storing instructions that cause the at least one hardware processor to perform operations comprising:

generating a file encryption key based on a first private key of a user and a root key associated with a primary deployment of a database system;

encoding file data at a source account of the user, the source account configured at the primary deployment of the database system, and the encoding using the file encryption key;

performing replication of the file data from the source account into a target account of the user to generate replicated file data;

detecting a network intrusion event associated with the source account of the user;

generating a notification of the network intrusion event for transmission to the user; and

performing a failover of the source account to the target account of the user based on the notification, the failover granting the user access to the replicated file data based at least on a second private key of the user.