Can One Safety Loop Guard Them All? Agentic Guard Rails for Federated Computing
This work addresses the challenge of consistent risk management and auditability in federated computing for users relying on multiple privacy techniques, though it appears incremental as it builds on existing mechanisms without claiming major performance breakthroughs.
The authors tackled the problem of unifying safety enforcement across diverse privacy-preserving mechanisms in federated computing by proposing Guardian-FC, a two-layer framework that decouples guard-rails from privacy mechanisms, resulting in a system that supports fail-fast job admission and seamless extensibility to new back-ends.
We propose Guardian-FC, a novel two-layer framework for privacy-preserving federated computing that unifies safety enforcement across diverse privacy-preserving mechanisms, including cryptographic back-ends such as fully homomorphic encryption (FHE) and multiparty computation (MPC), as well as statistical techniques such as differential privacy (DP). Guardian-FC decouples guard-rails from privacy mechanisms: plug-ins (modular computation units) are written in a back-end-neutral domain-specific language (DSL) designed specifically for federated computing workflows, and are executed by interchangeable Execution Providers (EPs) that implement the DSL operations for the various privacy back-ends. An Agentic-AI control plane enforces a finite-state safety loop through signed telemetry and commands, ensuring consistent risk management and auditability. The manifest-centric design supports fail-fast job admission and seamless extensibility to new privacy back-ends. We present qualitative scenarios illustrating back-end-agnostic safety and a formal model foundation for verification. Finally, we outline a research agenda inviting the community to advance adaptive guard-rail tuning, multi-backend composition, DSL specification development, implementation, and compiler extensibility, alongside human-override usability.
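As an added illustration, not code from the Guardian-FC paper or its authors, the following Python sketch shows the two control-plane pieces the abstract names: fail-fast manifest admission checked against the DSL operations an Execution Provider implements, and a finite-state safety loop that authenticates telemetry with HMAC-SHA256, rejects replayed sequence numbers, answers with signed commands, and appends every state transition to an audit log. The manifest fields, state names, per-back-end operation sets, the `epsilon_spent` telemetry field and the symmetric keys are all assumptions constructed for this example.

```python
"""Added example: fail-fast admission plus a signed finite-state safety loop.

Everything below (manifest schema, state names, operation sets, key handling)
is constructed for illustration and is not the paper's design.
"""
import hashlib
import hmac
import json

# Hypothetical DSL operations each Execution Provider (EP) implements.
EP_OPERATIONS = {
    "fhe": {"add", "mul", "sum"},
    "mpc": {"add", "mul", "sum", "compare"},
    "dp": {"sum", "mean", "histogram"},
}
REQUIRED_KEYS = {"job_id", "backend", "operations", "max_steps"}


def admit_job(manifest):
    """Fail-fast admission: reject before anything runs if the manifest is unsafe.

    Returns (True, "admitted") or (False, reason)."""
    missing = REQUIRED_KEYS - set(manifest)
    if missing:
        return False, f"missing manifest keys: {sorted(missing)}"
    backend = manifest["backend"]
    if backend not in EP_OPERATIONS:
        return False, f"no execution provider for back-end {backend!r}"
    unsupported = set(manifest["operations"]) - EP_OPERATIONS[backend]
    if unsupported:
        return False, f"operations not implemented by {backend} EP: {sorted(unsupported)}"
    if backend == "dp" and manifest.get("epsilon_budget", 0) <= 0:
        return False, "dp back-end requires a positive epsilon_budget"
    if manifest["max_steps"] <= 0:
        return False, "max_steps must be positive"
    return True, "admitted"


def canonical(payload):
    """Deterministic JSON encoding so signer and verifier hash identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign(key, payload):
    """Attach an HMAC-SHA256 tag; the receiver can then authenticate the message."""
    tag = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def verify(key, message):
    expected = hmac.new(key, canonical(message["payload"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, message["tag"])  # constant-time compare


class SafetyLoop:
    """States: ADMITTED -> RUNNING -> COMPLETED | HALTED. Every transition is logged."""

    def __init__(self, manifest, telemetry_key, command_key):
        ok, reason = admit_job(manifest)
        if not ok:
            raise ValueError(reason)
        self.manifest = manifest
        self.telemetry_key = telemetry_key
        self.command_key = command_key
        self.state = "ADMITTED"
        self.last_seq = -1
        self.audit = [("ADMITTED", reason)]

    def _transition(self, new_state, reason):
        self.state = new_state
        self.audit.append((new_state, reason))

    def _command(self, cmd, reason):
        """Commands are signed too, so the EP can reject a forged HALT or CONTINUE."""
        return sign(self.command_key, {"job_id": self.manifest["job_id"],
                                       "cmd": cmd, "reason": reason, "state": self.state})

    def handle_telemetry(self, message):
        """Consume one signed telemetry message; return a signed command or None."""
        if self.state in ("COMPLETED", "HALTED"):
            return None  # terminal states accept no further input
        if not verify(self.telemetry_key, message):
            self._transition("HALTED", "telemetry signature invalid")
            return self._command("HALT", "telemetry signature invalid")
        t = message["payload"]
        if t["seq"] <= self.last_seq:  # replayed or out-of-order telemetry
            self._transition("HALTED", f"replayed telemetry seq {t['seq']}")
            return self._command("HALT", "replay detected")
        self.last_seq = t["seq"]
        if self.state == "ADMITTED":
            self._transition("RUNNING", "first telemetry received")
        # Back-end-specific risk check: DP budget is the only one modelled here.
        if self.manifest["backend"] == "dp" and t.get("epsilon_spent", 0) > self.manifest["epsilon_budget"]:
            self._transition("HALTED", "privacy budget exhausted")
            return self._command("HALT", "privacy budget exhausted")
        if t["step"] > self.manifest["max_steps"]:
            self._transition("HALTED", "step limit exceeded")
            return self._command("HALT", "step limit exceeded")
        if t.get("done"):
            self._transition("COMPLETED", "plug-in reported completion")
            return self._command("ACK", "completed")
        return self._command("CONTINUE", "within limits")
```

The loop is back-end-agnostic except for the one risk predicate on the DP budget; adding an FHE or MPC-specific check means adding a predicate, not touching the state machine or the signing path, which is the decoupling the abstract argues for.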