US 12,445,499 B2
Data platform with unified privileges
Jeremy Yujui Chen, Newark, CA (US); Unmesh Jagtap, San Mateo, CA (US); William A. Pugh, Seattle, WA (US); Brian Smith, Hillsborough, CA (US); and Xu Xu, Campbell, CA (US)
Assigned to Snowflake Inc., Bozeman, MT (US)
Filed by Snowflake Inc., Bozeman, MT (US)
Filed on Jan. 25, 2024, as Appl. No. 18/423,012.
Application 18/423,012 is a continuation of application No. 18/053,956, filed on Nov. 9, 2022, granted, now 12,010,147.
Claims priority of provisional application 63/366,266, filed on Jun. 13, 2022.
Prior Publication US 2024/0163316 A1, May 16, 2024
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01)
20 Claims
1. A computer-implemented method for managing security of a user application in a data platform, comprising:
receiving, by the data platform, user application source code of the user application from a first user based on first security policies, the first security policies allowing the first user to create, edit, store, and execute the user application source code on the data platform;
receiving, by the data platform, from the first user, second security policies comprising sharing and usage privileges for a second user to use the user application when the user application is deployed on the data platform;
deploying, by the data platform, the user application within a security context based on sandbox policies including permissions for accessing system resources by performing operations comprising:
instantiating components that execute the user application; and
authorizing interactions of the instantiated components with resources of the data platform based on the sandbox policies;
receiving a request from the second user to utilize the user application; and
authorizing the request from the second user based on the second security policies.