Flatee: Federated Learning Across Trusted Execution Environments
This work addresses privacy concerns in federated learning for distributed machine learning applications, though it is incremental as it builds on existing TEE technology.
The paper tackles the problem of information leakage in federated learning by proposing Flatee, a framework that uses Trusted Execution Environments (TEEs) to enhance privacy, resulting in a considerable reduction in training and communication time.
Federated learning allows us to distributively train a machine learning model where multiple parties share local model parameters without sharing private data. However, parameter exchange may still leak information. Several approaches have been proposed to overcome this, based on multi-party computation, fully homomorphic encryption, etc.; many of these protocols are slow and impractical for real-world use as they involve a large number of cryptographic operations. In this paper, we propose the use of Trusted Execution Environments (TEE), which provide a platform for isolated execution of code and handling of data, for this purpose. We describe Flatee, an efficient privacy-preserving federated learning framework across TEEs, which considerably reduces training and communication time. Our framework can handle malicious parties (we do not natively solve adversarial data poisoning, though we describe a preliminary approach to handle this).