Secure bi-directional network connectivity system between private networks
Granted: November 5, 2024
Patent Number:
12137025
A secure private network connectivity system (SNCS) within a cloud service provider infrastructure (CSPI) is described that provides secure private network connectivity between external resources residing in a customer's on-premise environment and the customer's resources residing in the cloud. The SNCS provides secure private bi-directional network connectivity between external resources residing in a customer's external site representation and resources and services residing in the…
Management plane orchestration across service cells
Granted: November 5, 2024
Patent Number:
12135991
Service cells may be utilized to limit the blast radius and reduce the probability of operational incidents (e.g., attacks, load spikes, distributed thrash, and the like). Techniques discussed herein provide any suitable number of service cells, each if which include a management plane and a data plane. A work request that includes an intended state of the service cell can be received and stored. One or more execution tasks can be executed by a management plane of the service cell to…
Automatic partitioning of materialized views
Granted: November 5, 2024
Patent Number:
12135719
In one technique, a definition of a materialized view is identified. Based on the definition, multiple candidate partitioning schemes are identified. A query is generated that indicates one or more of the candidate partitioning schemes. The query is then executed, where executing the query results in one or more partition counts, each corresponding to a different candidate partitioning scheme of the one or more candidate partitioning schemes. Based on the one or more partition counts, a…
Fault tolerance in scale-out distributed query processing appliance
Granted: November 5, 2024
Patent Number:
12135623
In an embodiment, a computer-implemented method includes receiving a query from a client and determining a query plan for the query. The query plan comprises one or more query operators for executing at least a portion of the query on a database. The method also includes sending the one or more query operators to one or more computing nodes for the one or more computing nodes to execute the one or more query operators on one or more data fragments of the database. In this example, each…
Snapshotting hardware security modules and disk metadata stores
Granted: November 5, 2024
Patent Number:
12135612
The present disclosure relates to capturing snapshots of key management data and storing the snapshots for efficient re-creation of the key management data in the event of an outage at one or more nodes. A snapshot orchestrator can request snapshot instances from each of the series of nodes across one or more regions in a cloud infrastructure service. Each snapshot instance can provide a plurality of modifications to a plurality of client keys maintained by each of the series of nodes.…
Artificial intelligence driven configuration management
Granted: October 29, 2024
Patent Number:
12131142
Techniques for artificial intelligence driven configuration management are described herein. In some embodiments, a machine-learning process determines a feature set for a plurality of deployments of a software resource. Based on varying values in the feature set, the process clusters each of the plurality of deployments into a cluster of a plurality of clusters. Each cluster of the plurality of clusters comprises one or more nodes and each node of the one or more nodes corresponds to at…
Client cookie management system
Granted: October 29, 2024
Patent Number:
12132788
A client cookie management system is disclosed that includes capabilities for securely managing a session between a web-based application and a user interacting with the web-based application using session cookies. The system receives a request from a user to access a resource provided by a web server and forwards the request to the web server. The web server generates a session cookie comprising a session identifier associated with a session created for the user. The system receives the…
Semi-automated deployment for an intra-service communication infrastructure
Granted: October 29, 2024
Patent Number:
12132617
A system for generating a topology of components based on a set of components provided by a user. The system identifies, for each particular component of the first set of components, one or more characteristics. The characteristics may include at least one of: a rule associated with the particular component, a requirement associated with the particular component, a data input type corresponding to the particular component, and data output type corresponding to the particular component.…
Techniques for detecting drift in a deployment orchestrator
Granted: October 29, 2024
Patent Number:
12131194
Techniques for implementing an infrastructure orchestration service are described. A safety plan comprising a list of resources and operations based at least in part on a deployment configuration file can be received. Upon receiving approval of the safety plan, an operation corresponding to at least one of the list of resources can be prepared to be performed. The operation can be compared to the safety plan. If the operation is part of the safety plan, the operation can be performed. If…
Processor supporting self-relative addressing modes
Granted: October 29, 2024
Patent Number:
12131163
A processor may implement self-relative memory addressing by providing load and store instructions that include self-relative addressing modes. A memory address may contain a self-relative pointer, where the memory address stores a memory offset that, when added to the memory address, defines another memory address. The self-relative addressing mode may also support invalid memory addresses using a reserved offset value, where a load instruction providing the self-relative addressing…
Unified pipeline flow with common and phase-specific paths
Granted: October 29, 2024
Patent Number:
12131139
Systems, methods, and other embodiments associated with associated with unified pipeline flow with common and phase-specific paths are described. In one embodiment, a method includes accepting, through a graphical user interface, a setting of a phase-specific link type for a link between nodes of a pipeline, wherein the phase-specific link type indicates that the link is associated with a particular phase; accepting, through the graphical user interface, a selection to execute the…
Subject level privacy attack analysis for federated learning
Granted: October 29, 2024
Patent Number:
12130929
Subject level privacy attack analysis for federated learning may be performed. A request that selects an analysis of one or more inference attacks may be received to determine a presence of data of a subject in a training set of a federated machine learning model. The selected inference attacks may be performed to determine the presence of the data of subject in the training set of the federated machine learning model. Respective success measurements may be generated for the selected…
Automatic detection of deserialization attacks with Markov chains
Granted: October 29, 2024
Patent Number:
12130912
A method for detecting a deserialization attack may include identifying, in a byte stream, a class name corresponding to a class, generating, for the class, a feature vector, generating, by applying a benign deserialization model to the feature vector, a benign probability window, generating, by applying a malicious deserialization model to the feature vector, a malicious probability window, comparing the benign probability window and the malicious probability window to obtain a…
System and method for supporting queries having sub-select constructs in a multidimensional database environment
Granted: October 29, 2024
Patent Number:
12130839
In accordance with an embodiment, described herein is a system and method for supporting queries having sub-select constructs in a multidimensional database computing environment. The system enables a sub-select construct to be provided as part of an input query, for example using a Multidimensional Expressions (MDX), or other type of query. The inner sub-select, specified by the input query, is not executed by the system before the main query, but is used to restrict the data space for…
Determining test cases to be run upon changes in software application code
Granted: October 29, 2024
Patent Number:
12130730
An aspect of the present disclosure determines test cases to be run upon changes in software application code. In one embodiment, a system receives a test suite containing multiple test cases designed to perform the testing of a software application, the software application containing one or more components. The system executes each test case to determine a corresponding sequence of components executed in the software application for the test case, and then stores a dependency data…
Consolidating change requests in data hierarchies
Granted: October 22, 2024
Patent Number:
12124427
A data hierarchy including individual data nodes may be used to represent a wide variety of data collections. Requests to change or add nodes in the data hierarchy may be received from many different sources over time. Instead of considering these change requests individually, an interface allows a plurality of change requests to be consolidated together into a single consolidated request. The consolidated request may be displayed in an interface such that changes from each of the…
Cross-regional replication of keys
Granted: October 22, 2024
Patent Number:
12126604
Discussed herein is a technique for replication of keys across regions of a cloud infrastructure. A first vault is created in a first region. The first vault stores a plurality of records, each of which is associated with a key and corresponding metadata. A second region, different from the first region, is selected where replication of the plurality of records is desired. A second vault is created in the second region. The plurality of records are relayed from the first vault to the…
Secure modular machine learning platform
Granted: October 22, 2024
Patent Number:
12124564
A secure, modular multi-tenant machine learning platform is configured to: receive untrusted code supplied by a first tenant; perform a security scan of the untrusted code to determine whether the untrusted code satisfies a set of one or more security requirements; responsive to determining that the untrusted code satisfies the security requirement(s): deploy the untrusted code to a runtime execution environment; deploy a machine learning model associated with the first tenant to the…
Data segmentation using clustering
Granted: October 22, 2024
Patent Number:
12124483
Method includes obtaining sample records from dataset associated with user and including records associated with identifiers customers of user; executing first clustering using sample records, to obtain first set of clusters for first identifiers associated with sample records, first clustering using features associated with first identifiers; providing visualization of first set of clusters; determining whether user input for optimizing first set of clusters provided in visualization is…
Real-time masking in a standby database
Granted: October 22, 2024
Patent Number:
12124474
Disclosed is a system, method, and computer program product that generates masked data from within a database infrastructure. Instead of requiring an external tool to generate masked data, a database generates masked data using its internal processing mechanisms.
