LG, CR | Dec 15, 2020

Confidential Machine Learning on Untrusted Platforms: A Survey

arXiv:2012.08156v2 | 17 citations
Originality: Synthesis-oriented
AI Analysis

This survey is significant for researchers and practitioners in machine learning and security, providing a comprehensive overview of confidential machine learning techniques to protect sensitive data and models on untrusted platforms.

This survey addresses the problem of training machine learning models on untrusted platforms while protecting sensitive data and models from unauthorized access and privacy compromises. It summarizes notable studies in confidential machine learning (CML), focusing on cryptographic approaches for model training, and discusses related threat models, security assumptions, design principles, and trade-offs.

With the ever-growing data and the need for developing powerful machine learning models, data owners increasingly depend on various untrusted platforms (e.g., public clouds, edges, and machine learning service providers) for scalable processing or collaborative learning. Thus, sensitive data and models are in danger of unauthorized access, misuse, and privacy compromises. A relatively new body of research confidentially trains machine learning models on protected data to address these concerns. In this survey, we summarize notable studies in this emerging area of research. With a unified framework, we highlight the critical challenges and innovations in outsourcing machine learning confidentially. We focus on the cryptographic approaches for confidential machine learning (CML), primarily on model training, while also covering other directions such as perturbation-based approaches and CML in the hardware-assisted computing environment. The discussion takes a holistic approach, considering the rich context of the related threat models, security assumptions, design principles, and associated trade-offs amongst data utility, cost, and confidentiality.
