{"title":"利用保密计算进行机器学习:知识系统化","authors":"Fan Mo, Zahra Tarkhani, Hamed Haddadi","doi":"10.1145/3670007","DOIUrl":null,"url":null,"abstract":"<p>Privacy and security challenges in Machine Learning (ML) have become increasingly severe, along with ML’s pervasive development and the recent demonstration of large attack surfaces. As a mature system-oriented approach, Confidential Computing has been utilized in both academia and industry to mitigate privacy and security issues in various ML scenarios. In this paper, the conjunction between ML and Confidential Computing is investigated. We systematize the prior work on Confidential Computing-assisted ML techniques that provide <i>i</i>) <i>confidentiality guarantees</i> and <i>ii</i>) <i>integrity assurances</i>, and discuss their advanced features and drawbacks. Key challenges are further identified, and we provide dedicated analyses of the <i>limitations</i> in existing <i>Trusted Execution Environment</i> (TEE) systems for ML use cases. Finally, prospective works are discussed, including grounded privacy definitions for closed-loop protection, partitioned executions of efficient ML, dedicated TEE-assisted designs for ML, TEE-aware ML, and ML full pipeline guarantees. By providing these potential solutions in our systematization of knowledge, we aim to build the bridge to help achieve a much stronger TEE-enabled ML for privacy guarantees without introducing computation and system costs.</p>","PeriodicalId":50926,"journal":{"name":"ACM Computing Surveys","volume":null,"pages":null},"PeriodicalIF":23.8000,"publicationDate":"2024-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Machine Learning with Confidential Computing: A Systematization of Knowledge\",\"authors\":\"Fan Mo, Zahra Tarkhani, Hamed Haddadi\",\"doi\":\"10.1145/3670007\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Privacy and security challenges in Machine Learning (ML) have become increasingly severe, along with ML’s pervasive development and the recent demonstration of large attack surfaces. As a mature system-oriented approach, Confidential Computing has been utilized in both academia and industry to mitigate privacy and security issues in various ML scenarios. In this paper, the conjunction between ML and Confidential Computing is investigated. We systematize the prior work on Confidential Computing-assisted ML techniques that provide <i>i</i>) <i>confidentiality guarantees</i> and <i>ii</i>) <i>integrity assurances</i>, and discuss their advanced features and drawbacks. Key challenges are further identified, and we provide dedicated analyses of the <i>limitations</i> in existing <i>Trusted Execution Environment</i> (TEE) systems for ML use cases. Finally, prospective works are discussed, including grounded privacy definitions for closed-loop protection, partitioned executions of efficient ML, dedicated TEE-assisted designs for ML, TEE-aware ML, and ML full pipeline guarantees. By providing these potential solutions in our systematization of knowledge, we aim to build the bridge to help achieve a much stronger TEE-enabled ML for privacy guarantees without introducing computation and system costs.</p>\",\"PeriodicalId\":50926,\"journal\":{\"name\":\"ACM Computing Surveys\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":23.8000,\"publicationDate\":\"2024-06-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Computing Surveys\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1145/3670007\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Computing Surveys","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3670007","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0
摘要
随着机器学习(ML)的普遍发展和最近展示的巨大攻击面,机器学习(ML)中的隐私和安全挑战变得日益严峻。作为一种成熟的面向系统的方法,保密计算已被学术界和工业界用于缓解各种 ML 场景中的隐私和安全问题。本文研究了 ML 与保密计算之间的结合。我们系统梳理了保密计算辅助 ML 技术(提供 i) 保密性保证和 ii) 完整性保证)的前期工作,并讨论了它们的先进功能和缺点。我们进一步确定了关键挑战,并专门分析了用于 ML 用例的现有可信执行环境 (TEE) 系统的局限性。最后,我们讨论了前瞻性工作,包括闭环保护的基础隐私定义、高效 ML 的分区执行、ML 的专用 TEE 辅助设计、TEE 感知 ML 和 ML 全流水线保证。通过在我们的知识系统化中提供这些潜在的解决方案,我们旨在搭建一座桥梁,帮助实现更强大的 TEE 支持的 ML,从而在不引入计算和系统成本的情况下实现隐私保证。
Machine Learning with Confidential Computing: A Systematization of Knowledge
Privacy and security challenges in Machine Learning (ML) have become increasingly severe, along with ML’s pervasive development and the recent demonstration of large attack surfaces. As a mature system-oriented approach, Confidential Computing has been utilized in both academia and industry to mitigate privacy and security issues in various ML scenarios. In this paper, the conjunction between ML and Confidential Computing is investigated. We systematize the prior work on Confidential Computing-assisted ML techniques that provide i) confidentiality guarantees and ii) integrity assurances, and discuss their advanced features and drawbacks. Key challenges are further identified, and we provide dedicated analyses of the limitations in existing Trusted Execution Environment (TEE) systems for ML use cases. Finally, prospective works are discussed, including grounded privacy definitions for closed-loop protection, partitioned executions of efficient ML, dedicated TEE-assisted designs for ML, TEE-aware ML, and ML full pipeline guarantees. By providing these potential solutions in our systematization of knowledge, we aim to build the bridge to help achieve a much stronger TEE-enabled ML for privacy guarantees without introducing computation and system costs.
期刊介绍:
ACM Computing Surveys is an academic journal that focuses on publishing surveys and tutorials on various areas of computing research and practice. The journal aims to provide comprehensive and easily understandable articles that guide readers through the literature and help them understand topics outside their specialties. In terms of impact, CSUR has a high reputation with a 2022 Impact Factor of 16.6. It is ranked 3rd out of 111 journals in the field of Computer Science Theory & Methods.
ACM Computing Surveys is indexed and abstracted in various services, including AI2 Semantic Scholar, Baidu, Clarivate/ISI: JCR, CNKI, DeepDyve, DTU, EBSCO: EDS/HOST, and IET Inspec, among others.