Database system public trust token redeem architecture using wallets
US-2023085481-A1 · Mar 16, 2023 · US
Database tenant-level move
US12425238B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12425238-B2 |
| Application number | US-202318303065-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 19, 2023 |
| Priority date | Apr 19, 2023 |
| Publication date | Sep 23, 2025 |
| Grant date | Sep 23, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods include reception of a request to move a first database tenant from a first database instance to a second database instance, the first database tenant comprising a first tenant object instance associated with a plurality of artifacts of the first database instance, the plurality of artifacts including a tenant-level catalog and data. In response to the request, the tenant-level catalog is exported from the first database instance to a shared storage system, the tenant-level catalog is imported to a second tenant of the second database instance from the shared storage system, the data is exported from the first database instance to the shared storage system, the data is imported to the second tenant of the second database instance from the shared storage system, and the first database tenant is dropped from the first database instance.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method comprising: receiving a request to move a first database tenant from a first database instance to a second database instance, the first database tenant comprising a first tenant object instance associated with a plurality of artifacts of the first database instance, the plurality of artifacts including metadata and data; and in response to the request: exporting the metadata associated with the first database tenant from the first database instance to a shared storage system, the metadata including a customer-controlled key management configuration; importing the metadata to a second database tenant of the second database instance from the shared storage system; acquiring, by the first database instance and based on the customer-controlled key management configuration, a customer-controlled encryption key associated with the first database tenant; encrypting the data at the first database instance using the customer-controlled encryption key; exporting the encrypted data associated with the first database tenant from the first database instance to the shared storage system; importing the encrypted data to the second database tenant of the second database instance from the shared storage system; acquiring, by the second database instance and based on the customer-controlled key management configuration, the customer-controlled encryption key associated with the first database tenant; decrypting the data at the second database instance using the customer-controlled encryption key; and dropping the first database tenant from the first database instance. 2. A method according to claim 1 , further comprising: provisioning the shared storage system; provisioning the first database instance with a first certificate to access the shared storage system; and provisioning the second database instance with a second certificate to access the shared storage system, wherein the first database instance uses the first certificate to export metadata to the shared storage system and to export data to the shared storage system, and wherein the second database instance uses the second certificate to import metadata from the shared storage system and to import data from the shared storage system. 3. A method according to claim 1 , further comprising: detecting the request with a Kubernetes operator, wherein the Kubernetes operator triggers an Argo Workflow to respond to the request. 4. A method according to claim 1 , wherein the first database instance executes in a first application cluster, the second database instance executes in a second application cluster, and the shared storage system executes in a third application cluster. 5. A method according to claim 1 , wherein the first database instance and the second database instance execute in a first application cluster and the shared storage system executes in a second application cluster. 6. A system comprising: a storage system; and a database platform in communication with the storage system and comprising: a memory storing executable program code; and at least one processing unit to execute the program code to cause the database platform to: detect a request to move a first database tenant from a first database instance to a second database instance, the first database tenant comprising a first tenant object instance associated with a plurality of artifacts of the first database instance, the plurality of artifacts including metadata and data; and in response to the request: instruct the first database instance to export the metadata associated with the first database tenant to the storage system, the metadata including a customer-controlled key management configuration; instruct the second database instance to import the metadata from the storage system to a second database tenant of the second database instance; instruct the first database instance to acquire a customer-controlled encryption key associated with the first database tenant based on the customer-controlled key management configuration, encrypt the data associated with the first database tenant using the customer-controlled encryption key, and export the encrypted data to the storage system; instruct the second database instance to import the encrypted data from the storage system, acquire the customer-controlled encryption key associated with the first database tenant based on the customer-controlled key management configuration, and decrypt the data using the customer-controlled encryption key; and drop the first database tenant from the first database instance. 7. A system according to claim 6 , at least one processing unit to execute the program code to cause the database platform to: provision the first database instance with a first certificate to access the storage system; and provision the second database instance with a second certificate to access the storage system, wherein the first database instance uses the first certificate to export metadata to the storage system and to export data to the storage system, and wherein the second database instance uses the second certificate to import metadata from the storage system and to import data from the storage system. 8. A system according to claim 6 , wherein the database platform comprises a first application cluster, and wherein the first database instance executes in a second application cluster, the second database instance executes in the first application cluster, and the shared storage system executes in a third application cluster. 9. A system according to claim 6 , wherein the database platform comprises a first application cluster, and wherein the first database instance and the second database instance execute in the first application cluster and the shared storage system executes in a second application cluster. 10. A non-transitory computer-readable medium storing executable program code, the program code executable to cause a system to: receive a request to move a first database tenant from a first database instance to a second database instance, the first database tenant comprising a first tenant object instance associated with a plurality of artifacts of the first database instance, the plurality of artifacts including a tenant-level catalog, a customer-controlled key management configuration and data; and in response to the request: export the tenant-level catalog and the customer-controlled key management configuration associated with the first database tenant from the first database instance to a shared storage system; import the tenant-level catalog and the customer-controlled key management configuration to a second database tenant of the second database instance from the shared storage system; acquire, by the first database instance and based on the customer-controlled key management configuration, a customer-controlled encryption key associated with the first database tenant; encrypt the data at the first database instance using the customer-controlled encryption key; export the encrypted data associated with the first database tenant from the first database instance to the shared storage system; import the encrypted data to the second tenant of the second database instance from the shared storage system; acquire, by the second database instance and based on the customer-controlled key management configuration, the customer-controlled encryption key associated with the first database tenant; decrypt the data at the second database instance using the customer-controlled encryption key; and drop the first database tenant from the first database instance. 11. A medium according to claim 10 , the program code executable t
Assignees
Inventors
Classifications
Database migration support · CPC title
to a system of files or objects, e.g. local or distributed file system or database · CPC title
- H04L9/3268Primary
using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL] · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12425238B2 cover?
- Systems and methods include reception of a request to move a first database tenant from a first database instance to a second database instance, the first database tenant comprising a first tenant object instance associated with a plurality of artifacts of the first database instance, the plurality of artifacts including a tenant-level catalog and data. In response to the request, the tenant-le…
- Who is the assignee on this patent?
- Sap Se
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3268. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Sep 23 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).