SlideShare a Scribd company logo

secureTF: A Secure TensorFlow Framework

LEGATO project
LEGATO project

LEGaTO paper presented at Middleware 2020 by Do Le Quoc, Franz Gregor, Sergei Arnautov, Roland Kunkeland, Pramod Bhatotia and Christof Fetzer

Science
1 of 10
Download to read offline
1secureTF: A Secure TensorFlow Framework – Middleware 2020 1 secureTF: A Secure TensorFlow Framework Do Le Quoc, Franz Gregor, Sergei Arnautov, Roland Kunkel, Pramod Bhatotia, Christof Fetzer
2secureTF: A Secure TensorFlow Framework – Middleware 2020 2 Cloud Provider Motivation Data Clients Training Data Training Model Inference How to ensure confidentiality and integrity of data, code (e.g., Python code), model and computation with low performance overhead while retaining accuracy?
3secureTF: A Secure TensorFlow Framework – Middleware 2020 3 Application Application Libraries (Enclave) Hypervisor Container Engine Operating System Host SGX (Software Guard eXtensions) is a set of processor extensions for establishing a TEE inside an application Intel SGX Intel SGX protects the integrity and confidentiality of applications
4secureTF: A Secure TensorFlow Framework – Middleware 2020 4 Several works rely on Intel SGX to support secure machine learning: • Privado [Microsoft Research 2019] • Slalom [ICLR2019] • Occlumency [MobiCom19] • … State-of-the-art systems Limitations: • Focuses only for secure inferences, not for training computation • Does not support distributed setting • Supports only a limited number of operators
5secureTF: A Secure TensorFlow Framework – Middleware 2020 5 Cloud Provider User secureTF: Overview secureTF (Enclave) SGXTLS (1) Remote Attestation (2) Keys, certificate transferring (3) Computation results Data & Code Model
6secureTF: A Secure TensorFlow Framework – Middleware 2020 6 Clients Cloud Provider Data User TLS Attestation & policy submitting TLS TLSTLS Attestation & secrets provision Training Data Inference Training Model SGX SGX 1. Protect against attackers with privileged/root accesses Configuration & Attestation Service (CAS) SGX 2. Perform transparently attestation & Key Management secureTF: Design
7secureTF: A Secure TensorFlow Framework – Middleware 2020 7 TensorFlow Application (e.g., Python code) secureTF TensorFlow Libraries (Enclave) Network Shield File system shield M:N Threading secureTF Controller SCONE Runtime Intel SGX Driver Container (cgroups) Host Operating System Untrusted Reduce #Enclave entries/exits Actively protect data, model, and code secureTF: Implementation
8secureTF: A Secure TensorFlow Framework – Middleware 2020 8 secureTF: Evaluation 0 500 1000 1500 2000 2500 Native musl Native glibc secureTF SIM secureTF HW Graphene SGX Latency(milliseconds) Inception_v4 (163MB) Inception_v3 (91MB) Lower the better secureTF incurs ~5% in SIM mode, ~22% overhead in HW mode compared to native versions secureTF is ~1.1X – 1.4X faster than Graphene-SGX based system
9secureTF: A Secure TensorFlow Framework – Middleware 2020 9 secureTF: A Secure TensorFlow Framework • Transparency: supports unmodified TensorFlow applications (both training and inferences) • Security: provides end-to-end security for the input data, ML model, and application code • Accuracy: maintains the same in the native TensorFlow framework Conclusion Thank you!
10secureTF: A Secure TensorFlow Framework – Middleware 2020 10 Products https://sconedocs.github.io https://scontain.com Contact do@scontain.com

Recommended

TEEMon: A continuous performance monitoring framework for TEEs
TEEMon: A continuous performance monitoring framework for TEEsTEEMon: A continuous performance monitoring framework for TEEs
TEEMon: A continuous performance monitoring framework for TEEsLEGATO project
 
Automatisez la détection des menaces et évitez les faux positifs
Automatisez la détection des menaces et évitez les faux positifsAutomatisez la détection des menaces et évitez les faux positifs
Automatisez la détection des menaces et évitez les faux positifsElasticsearch
 
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...kitechsolutions
 
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...I3E Technologies
 
FY 2017 project version 2
FY 2017 project version 2FY 2017 project version 2
FY 2017 project version 2Ushnish Chowdhury
 
CCSA NGX R71 Course Overview
CCSA NGX R71 Course OverviewCCSA NGX R71 Course Overview
CCSA NGX R71 Course Overviewdaisuke_tanabe
 
Final_year_project_documentation
Final_year_project_documentationFinal_year_project_documentation
Final_year_project_documentationUshnish Chowdhury
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFVOPNFV
 

Recommended

TEEMon: A continuous performance monitoring framework for TEEs
TEEMon: A continuous performance monitoring framework for TEEsTEEMon: A continuous performance monitoring framework for TEEs
TEEMon: A continuous performance monitoring framework for TEEsLEGATO project
 
Automatisez la détection des menaces et évitez les faux positifs
Automatisez la détection des menaces et évitez les faux positifsAutomatisez la détection des menaces et évitez les faux positifs
Automatisez la détection des menaces et évitez les faux positifsElasticsearch
 
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...kitechsolutions
 
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...
Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (Ia...I3E Technologies
 
FY 2017 project version 2
FY 2017 project version 2FY 2017 project version 2
FY 2017 project version 2Ushnish Chowdhury
 
CCSA NGX R71 Course Overview
CCSA NGX R71 Course OverviewCCSA NGX R71 Course Overview
CCSA NGX R71 Course Overviewdaisuke_tanabe
 
Final_year_project_documentation
Final_year_project_documentationFinal_year_project_documentation
Final_year_project_documentationUshnish Chowdhury
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFVOPNFV
 
Security & fault tolerance in fresco
Security & fault tolerance in frescoSecurity & fault tolerance in fresco
Security & fault tolerance in frescoAmit Lanjewar
 
Top 5 Priorities for Cloud Security
Top 5 Priorities for Cloud SecurityTop 5 Priorities for Cloud Security
Top 5 Priorities for Cloud SecurityTeri Radichel
 
Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Winston Morton
 
The Intersection of Security and DevOps
The Intersection of Security and DevOpsThe Intersection of Security and DevOps
The Intersection of Security and DevOpsAlert Logic
 
LCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlLCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlKohei KaiGai
 
Under-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsUnder-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsAkond Rahman
 
message passing interface
message passing interfacemessage passing interface
message passing interfaceZTech Proje
 
What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?Akond Rahman
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
a famework for analyzing template security and privacy in biometric authenti...
a famework for analyzing template security and privacy in biometric authenti... a famework for analyzing template security and privacy in biometric authenti...
a famework for analyzing template security and privacy in biometric authenti...ZTech Proje
 
Extract Network and System resource for analysis of Network Security Modeling
Extract Network and System resource for analysis of Network Security ModelingExtract Network and System resource for analysis of Network Security Modeling
Extract Network and System resource for analysis of Network Security ModelingDhiraj Gajurel
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-securitySergio Loureiro
 
Infrastructure as (Secure) Code
Infrastructure as (Secure) CodeInfrastructure as (Secure) Code
Infrastructure as (Secure) CodeMark Nunnikhoven
 
Shhh!: Secret Management Practices for Infrastructure as Code
Shhh!: Secret Management Practices for Infrastructure as Code Shhh!: Secret Management Practices for Infrastructure as Code
Shhh!: Secret Management Practices for Infrastructure as Code Akond Rahman
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
Locking Down Your Cloud
Locking Down Your CloudLocking Down Your Cloud
Locking Down Your CloudTeri Radichel
 
AWS Security Ideas - re:Invent 2016
AWS Security Ideas - re:Invent 2016AWS Security Ideas - re:Invent 2016
AWS Security Ideas - re:Invent 2016Teri Radichel
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8sDevOps Indonesia
 
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...Akond Rahman
 
Network-Project-in-Linux
Network-Project-in-LinuxNetwork-Project-in-Linux
Network-Project-in-LinuxPhdtopiccom
 
SECRY - Secure file storage on cloud using hybrid cryptography
SECRY - Secure file storage on cloud using hybrid cryptographySECRY - Secure file storage on cloud using hybrid cryptography
SECRY - Secure file storage on cloud using hybrid cryptographyALIN BABU
 
Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Joel W. King
 

More Related Content

What's hot

Security & fault tolerance in fresco
Security & fault tolerance in frescoSecurity & fault tolerance in fresco
Security & fault tolerance in frescoAmit Lanjewar
 
Top 5 Priorities for Cloud Security
Top 5 Priorities for Cloud SecurityTop 5 Priorities for Cloud Security
Top 5 Priorities for Cloud SecurityTeri Radichel
 
Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Winston Morton
 
The Intersection of Security and DevOps
The Intersection of Security and DevOpsThe Intersection of Security and DevOps
The Intersection of Security and DevOpsAlert Logic
 
LCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlLCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlKohei KaiGai
 
Under-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsUnder-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsAkond Rahman
 
message passing interface
message passing interfacemessage passing interface
message passing interfaceZTech Proje
 
What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?Akond Rahman
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
a famework for analyzing template security and privacy in biometric authenti...
a famework for analyzing template security and privacy in biometric authenti... a famework for analyzing template security and privacy in biometric authenti...
a famework for analyzing template security and privacy in biometric authenti...ZTech Proje
 
Extract Network and System resource for analysis of Network Security Modeling
Extract Network and System resource for analysis of Network Security ModelingExtract Network and System resource for analysis of Network Security Modeling
Extract Network and System resource for analysis of Network Security ModelingDhiraj Gajurel
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-securitySergio Loureiro
 
Infrastructure as (Secure) Code
Infrastructure as (Secure) CodeInfrastructure as (Secure) Code
Infrastructure as (Secure) CodeMark Nunnikhoven
 
Shhh!: Secret Management Practices for Infrastructure as Code
Shhh!: Secret Management Practices for Infrastructure as Code Shhh!: Secret Management Practices for Infrastructure as Code
Shhh!: Secret Management Practices for Infrastructure as Code Akond Rahman
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
Locking Down Your Cloud
Locking Down Your CloudLocking Down Your Cloud
Locking Down Your CloudTeri Radichel
 
AWS Security Ideas - re:Invent 2016
AWS Security Ideas - re:Invent 2016AWS Security Ideas - re:Invent 2016
AWS Security Ideas - re:Invent 2016Teri Radichel
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8sDevOps Indonesia
 
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...Akond Rahman
 
Network-Project-in-Linux
Network-Project-in-LinuxNetwork-Project-in-Linux
Network-Project-in-LinuxPhdtopiccom
 

What's hot (20)

Security & fault tolerance in fresco
Security & fault tolerance in frescoSecurity & fault tolerance in fresco
Security & fault tolerance in fresco
 
Top 5 Priorities for Cloud Security
Top 5 Priorities for Cloud SecurityTop 5 Priorities for Cloud Security
Top 5 Priorities for Cloud Security
 
Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015
 
The Intersection of Security and DevOps
The Intersection of Security and DevOpsThe Intersection of Security and DevOps
The Intersection of Security and DevOps
 
LCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlLCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsql
 
Under-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsUnder-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes Manifests
 
message passing interface
message passing interfacemessage passing interface
message passing interface
 
What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
a famework for analyzing template security and privacy in biometric authenti...
a famework for analyzing template security and privacy in biometric authenti... a famework for analyzing template security and privacy in biometric authenti...
a famework for analyzing template security and privacy in biometric authenti...
 
Extract Network and System resource for analysis of Network Security Modeling
Extract Network and System resource for analysis of Network Security ModelingExtract Network and System resource for analysis of Network Security Modeling
Extract Network and System resource for analysis of Network Security Modeling
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-security
 
Infrastructure as (Secure) Code
Infrastructure as (Secure) CodeInfrastructure as (Secure) Code
Infrastructure as (Secure) Code
 
Shhh!: Secret Management Practices for Infrastructure as Code
Shhh!: Secret Management Practices for Infrastructure as Code Shhh!: Secret Management Practices for Infrastructure as Code
Shhh!: Secret Management Practices for Infrastructure as Code
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network Security
 
Locking Down Your Cloud
Locking Down Your CloudLocking Down Your Cloud
Locking Down Your Cloud
 
AWS Security Ideas - re:Invent 2016
AWS Security Ideas - re:Invent 2016AWS Security Ideas - re:Invent 2016
AWS Security Ideas - re:Invent 2016
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8s
 
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
Characteristics of Defective Infrastructure as Code Scripts in Continuous Dep...
 
Network-Project-in-Linux
Network-Project-in-LinuxNetwork-Project-in-Linux
Network-Project-in-Linux
 

Similar to secureTF: A Secure TensorFlow Framework

SECRY - Secure file storage on cloud using hybrid cryptography
SECRY - Secure file storage on cloud using hybrid cryptographySECRY - Secure file storage on cloud using hybrid cryptography
SECRY - Secure file storage on cloud using hybrid cryptographyALIN BABU
 
Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Joel W. King
 
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLIMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLhiij
 
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLIMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLijccsa
 
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLIMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLijccsa
 
Improved Secure Cloud Transmission Protocol
Improved Secure Cloud Transmission ProtocolImproved Secure Cloud Transmission Protocol
Improved Secure Cloud Transmission Protocolneirew J
 
IRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud ComputingIRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud ComputingIRJET Journal
 
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...IRJET Journal
 
Fpga based encryption design using vhdl
Fpga based encryption design using vhdlFpga based encryption design using vhdl
Fpga based encryption design using vhdleSAT Publishing House
 
Working Survey of Authentication Header and Encapsulating Security Payload
Working Survey of Authentication Header and Encapsulating Security PayloadWorking Survey of Authentication Header and Encapsulating Security Payload
Working Survey of Authentication Header and Encapsulating Security Payloadijtsrd
 
Data security framework for cloud computing networks
Data security framework for cloud computing networksData security framework for cloud computing networks
Data security framework for cloud computing networksIAEME Publication
 
Analysis Of Internet Protocol ( IP ) Datagrams
Analysis Of Internet Protocol ( IP ) DatagramsAnalysis Of Internet Protocol ( IP ) Datagrams
Analysis Of Internet Protocol ( IP ) DatagramsEmily Jones
 
CrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm SimulatorCrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm SimulatorIRJET Journal
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionADVA
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Ramesh Nagappan
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdfAlexKarasulu1
 

Similar to secureTF: A Secure TensorFlow Framework (20)

SECRY - Secure file storage on cloud using hybrid cryptography
SECRY - Secure file storage on cloud using hybrid cryptographySECRY - Secure file storage on cloud using hybrid cryptography
SECRY - Secure file storage on cloud using hybrid cryptography
 
Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...
 
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLIMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
 
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLIMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
 
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOLIMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
IMPROVED SECURE CLOUD TRANSMISSION PROTOCOL
 
Improved Secure Cloud Transmission Protocol
Improved Secure Cloud Transmission ProtocolImproved Secure Cloud Transmission Protocol
Improved Secure Cloud Transmission Protocol
 
IS - SSL
IS - SSLIS - SSL
IS - SSL
 
IRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud ComputingIRJET- Storage Security in Cloud Computing
IRJET- Storage Security in Cloud Computing
 
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
 
Fpga based encryption design using vhdl
Fpga based encryption design using vhdlFpga based encryption design using vhdl
Fpga based encryption design using vhdl
 
Working Survey of Authentication Header and Encapsulating Security Payload
Working Survey of Authentication Header and Encapsulating Security PayloadWorking Survey of Authentication Header and Encapsulating Security Payload
Working Survey of Authentication Header and Encapsulating Security Payload
 
Go3611771182
Go3611771182Go3611771182
Go3611771182
 
Websecurity
Websecurity Websecurity
Websecurity
 
Data security framework for cloud computing networks
Data security framework for cloud computing networksData security framework for cloud computing networks
Data security framework for cloud computing networks
 
Analysis Of Internet Protocol ( IP ) Datagrams
Analysis Of Internet Protocol ( IP ) DatagramsAnalysis Of Internet Protocol ( IP ) Datagrams
Analysis Of Internet Protocol ( IP ) Datagrams
 
CrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm SimulatorCrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm Simulator
 
End to end IoT Solution using Mongoose OS.
End to end IoT Solution using Mongoose OS.End to end IoT Solution using Mongoose OS.
End to end IoT Solution using Mongoose OS.
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf
 

More from LEGATO project

Scrooge Attack: Undervolting ARM Processors for Profit
Scrooge Attack: Undervolting ARM Processors for ProfitScrooge Attack: Undervolting ARM Processors for Profit
Scrooge Attack: Undervolting ARM Processors for ProfitLEGATO project
 
A practical approach for updating an integrity-enforced operating system
A practical approach for updating an integrity-enforced operating systemA practical approach for updating an integrity-enforced operating system
A practical approach for updating an integrity-enforced operating systemLEGATO project
 
PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...
PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...
PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...LEGATO project
 
LEGaTO: Machine Learning Use Case
LEGaTO: Machine Learning Use CaseLEGaTO: Machine Learning Use Case
LEGaTO: Machine Learning Use CaseLEGATO project
 
Smart Home AI at the edge
Smart Home AI at the edgeSmart Home AI at the edge
Smart Home AI at the edgeLEGATO project
 
LEGaTO: Low-Energy Heterogeneous Computing Use of AI in the project
LEGaTO: Low-Energy Heterogeneous Computing Use of AI in the projectLEGaTO: Low-Energy Heterogeneous Computing Use of AI in the project
LEGaTO: Low-Energy Heterogeneous Computing Use of AI in the projectLEGATO project
 
LEGaTO: Software Stack Programming Models
LEGaTO: Software Stack Programming ModelsLEGaTO: Software Stack Programming Models
LEGaTO: Software Stack Programming ModelsLEGATO project
 
LEGaTO: Software Stack Runtimes
LEGaTO: Software Stack RuntimesLEGaTO: Software Stack Runtimes
LEGaTO: Software Stack RuntimesLEGATO project
 
LEGaTO Heterogeneous Hardware
LEGaTO Heterogeneous HardwareLEGaTO Heterogeneous Hardware
LEGaTO Heterogeneous HardwareLEGATO project
 
LEGaTO: Low-Energy Heterogeneous Computing Workshop
LEGaTO: Low-Energy Heterogeneous Computing WorkshopLEGaTO: Low-Energy Heterogeneous Computing Workshop
LEGaTO: Low-Energy Heterogeneous Computing WorkshopLEGATO project
 
TZ4Fabric: Executing Smart Contracts with ARM TrustZone
TZ4Fabric: Executing Smart Contracts with ARM TrustZoneTZ4Fabric: Executing Smart Contracts with ARM TrustZone
TZ4Fabric: Executing Smart Contracts with ARM TrustZoneLEGATO project
 
Infection Research with Maxeler Dataflow Computing
Infection Research with Maxeler Dataflow ComputingInfection Research with Maxeler Dataflow Computing
Infection Research with Maxeler Dataflow ComputingLEGATO project
 
Smart Home - AI at the edge
Smart Home - AI at the edgeSmart Home - AI at the edge
Smart Home - AI at the edgeLEGATO project
 
FPGA Undervolting and Checkpointing for Energy-Efficiency and Error-Resiliency
FPGA Undervolting and Checkpointing for Energy-Efficiency and Error-ResiliencyFPGA Undervolting and Checkpointing for Energy-Efficiency and Error-Resiliency
FPGA Undervolting and Checkpointing for Energy-Efficiency and Error-ResiliencyLEGATO project
 
Device Data Directory and Asynchronous execution: A path to heterogeneous com...
Device Data Directory and Asynchronous execution: A path to heterogeneous com...Device Data Directory and Asynchronous execution: A path to heterogeneous com...
Device Data Directory and Asynchronous execution: A path to heterogeneous com...LEGATO project
 
Scheduling Task-parallel Applications in Dynamically Asymmetric Environments
Scheduling Task-parallel Applications in Dynamically Asymmetric EnvironmentsScheduling Task-parallel Applications in Dynamically Asymmetric Environments
Scheduling Task-parallel Applications in Dynamically Asymmetric EnvironmentsLEGATO project
 
RECS – Cloud to Edge Microserver Platform for Energy-Efficient Computing
RECS – Cloud to Edge Microserver Platform for Energy-Efficient ComputingRECS – Cloud to Edge Microserver Platform for Energy-Efficient Computing
RECS – Cloud to Edge Microserver Platform for Energy-Efficient ComputingLEGATO project
 
Secure Task-Based Programming with OmpSs and SGX
Secure Task-Based Programming with OmpSs and SGXSecure Task-Based Programming with OmpSs and SGX
Secure Task-Based Programming with OmpSs and SGXLEGATO project
 

More from LEGATO project (20)

Scrooge Attack: Undervolting ARM Processors for Profit
Scrooge Attack: Undervolting ARM Processors for ProfitScrooge Attack: Undervolting ARM Processors for Profit
Scrooge Attack: Undervolting ARM Processors for Profit
 
A practical approach for updating an integrity-enforced operating system
A practical approach for updating an integrity-enforced operating systemA practical approach for updating an integrity-enforced operating system
A practical approach for updating an integrity-enforced operating system
 
PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...
PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...
PipeTune: Pipeline Parallelism of Hyper and System Parameters Tuning for Deep...
 
LEGaTO: Machine Learning Use Case
LEGaTO: Machine Learning Use CaseLEGaTO: Machine Learning Use Case
LEGaTO: Machine Learning Use Case
 
Smart Home AI at the edge
Smart Home AI at the edgeSmart Home AI at the edge
Smart Home AI at the edge
 
LEGaTO: Low-Energy Heterogeneous Computing Use of AI in the project
LEGaTO: Low-Energy Heterogeneous Computing Use of AI in the projectLEGaTO: Low-Energy Heterogeneous Computing Use of AI in the project
LEGaTO: Low-Energy Heterogeneous Computing Use of AI in the project
 
LEGaTO Integration
LEGaTO IntegrationLEGaTO Integration
LEGaTO Integration
 
LEGaTO: Use cases
LEGaTO: Use casesLEGaTO: Use cases
LEGaTO: Use cases
 
LEGaTO: Software Stack Programming Models
LEGaTO: Software Stack Programming ModelsLEGaTO: Software Stack Programming Models
LEGaTO: Software Stack Programming Models
 
LEGaTO: Software Stack Runtimes
LEGaTO: Software Stack RuntimesLEGaTO: Software Stack Runtimes
LEGaTO: Software Stack Runtimes
 
LEGaTO Heterogeneous Hardware
LEGaTO Heterogeneous HardwareLEGaTO Heterogeneous Hardware
LEGaTO Heterogeneous Hardware
 
LEGaTO: Low-Energy Heterogeneous Computing Workshop
LEGaTO: Low-Energy Heterogeneous Computing WorkshopLEGaTO: Low-Energy Heterogeneous Computing Workshop
LEGaTO: Low-Energy Heterogeneous Computing Workshop
 
TZ4Fabric: Executing Smart Contracts with ARM TrustZone
TZ4Fabric: Executing Smart Contracts with ARM TrustZoneTZ4Fabric: Executing Smart Contracts with ARM TrustZone
TZ4Fabric: Executing Smart Contracts with ARM TrustZone
 
Infection Research with Maxeler Dataflow Computing
Infection Research with Maxeler Dataflow ComputingInfection Research with Maxeler Dataflow Computing
Infection Research with Maxeler Dataflow Computing
 
Smart Home - AI at the edge
Smart Home - AI at the edgeSmart Home - AI at the edge
Smart Home - AI at the edge
 
FPGA Undervolting and Checkpointing for Energy-Efficiency and Error-Resiliency
FPGA Undervolting and Checkpointing for Energy-Efficiency and Error-ResiliencyFPGA Undervolting and Checkpointing for Energy-Efficiency and Error-Resiliency
FPGA Undervolting and Checkpointing for Energy-Efficiency and Error-Resiliency
 
Device Data Directory and Asynchronous execution: A path to heterogeneous com...
Device Data Directory and Asynchronous execution: A path to heterogeneous com...Device Data Directory and Asynchronous execution: A path to heterogeneous com...
Device Data Directory and Asynchronous execution: A path to heterogeneous com...
 
Scheduling Task-parallel Applications in Dynamically Asymmetric Environments
Scheduling Task-parallel Applications in Dynamically Asymmetric EnvironmentsScheduling Task-parallel Applications in Dynamically Asymmetric Environments
Scheduling Task-parallel Applications in Dynamically Asymmetric Environments
 
RECS – Cloud to Edge Microserver Platform for Energy-Efficient Computing
RECS – Cloud to Edge Microserver Platform for Energy-Efficient ComputingRECS – Cloud to Edge Microserver Platform for Energy-Efficient Computing
RECS – Cloud to Edge Microserver Platform for Energy-Efficient Computing
 
Secure Task-Based Programming with OmpSs and SGX
Secure Task-Based Programming with OmpSs and SGXSecure Task-Based Programming with OmpSs and SGX
Secure Task-Based Programming with OmpSs and SGX
 

Recently uploaded

Pests of Blackgram, greengram, cowpea_Dr.UPR.pdf
Pests of Blackgram, greengram, cowpea_Dr.UPR.pdfPests of Blackgram, greengram, cowpea_Dr.UPR.pdf
Pests of Blackgram, greengram, cowpea_Dr.UPR.pdfPirithiRaju
 
Base editing, prime editing, Cas13 & RNA editing and organelle base editing
Base editing, prime editing, Cas13 & RNA editing and organelle base editingBase editing, prime editing, Cas13 & RNA editing and organelle base editing
Base editing, prime editing, Cas13 & RNA editing and organelle base editingNetHelix
 
Microteaching on terms used in filtration .Pharmaceutical Engineering
Microteaching on terms used in filtration .Pharmaceutical EngineeringMicroteaching on terms used in filtration .Pharmaceutical Engineering
Microteaching on terms used in filtration .Pharmaceutical EngineeringPrajakta Shinde
 
FREE NURSING BUNDLE FOR NURSES.PDF by na
FREE NURSING BUNDLE FOR NURSES.PDF by naFREE NURSING BUNDLE FOR NURSES.PDF by na
FREE NURSING BUNDLE FOR NURSES.PDF by naJASISJULIANOELYNV
 
User Guide: Orion™ Weather Station (Columbia Weather Systems)
User Guide: Orion™ Weather Station (Columbia Weather Systems)User Guide: Orion™ Weather Station (Columbia Weather Systems)
User Guide: Orion™ Weather Station (Columbia Weather Systems)Columbia Weather Systems
 
CHROMATOGRAPHY PALLAVI RAWAT.pptx
CHROMATOGRAPHY PALLAVI RAWAT.pptxCHROMATOGRAPHY PALLAVI RAWAT.pptx
CHROMATOGRAPHY PALLAVI RAWAT.pptxpallavirawat456
 
Pests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdfPests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdfPirithiRaju
 
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxLIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxmalonesandreagweneth
 
Harmful and Useful Microorganisms Presentation
Harmful and Useful Microorganisms PresentationHarmful and Useful Microorganisms Presentation
Harmful and Useful Microorganisms Presentationtahreemzahra82
 
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptxGENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptxRitchAndruAgustin
 
(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)
(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)
(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)riyaescorts54
 
《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》rnrncn29
 
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)Columbia Weather Systems
 
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptxSTOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptxMurugaveni B
 
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPirithiRaju
 
Environmental Biotechnology Topic:- Microbial Biosensor
Environmental Biotechnology Topic:- Microbial BiosensorEnvironmental Biotechnology Topic:- Microbial Biosensor
Environmental Biotechnology Topic:- Microbial Biosensorsonawaneprad
 
Observational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive starsObservational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive starsSérgio Sacani
 
The dark energy paradox leads to a new structure of spacetime.pptx
The dark energy paradox leads to a new structure of spacetime.pptxThe dark energy paradox leads to a new structure of spacetime.pptx
The dark energy paradox leads to a new structure of spacetime.pptxEran Akiva Sinbar
 

Recently uploaded (20)

Pests of Blackgram, greengram, cowpea_Dr.UPR.pdf
Pests of Blackgram, greengram, cowpea_Dr.UPR.pdfPests of Blackgram, greengram, cowpea_Dr.UPR.pdf
Pests of Blackgram, greengram, cowpea_Dr.UPR.pdf
 
Base editing, prime editing, Cas13 & RNA editing and organelle base editing
Base editing, prime editing, Cas13 & RNA editing and organelle base editingBase editing, prime editing, Cas13 & RNA editing and organelle base editing
Base editing, prime editing, Cas13 & RNA editing and organelle base editing
 
Microteaching on terms used in filtration .Pharmaceutical Engineering
Microteaching on terms used in filtration .Pharmaceutical EngineeringMicroteaching on terms used in filtration .Pharmaceutical Engineering
Microteaching on terms used in filtration .Pharmaceutical Engineering
 
FREE NURSING BUNDLE FOR NURSES.PDF by na
FREE NURSING BUNDLE FOR NURSES.PDF by naFREE NURSING BUNDLE FOR NURSES.PDF by na
FREE NURSING BUNDLE FOR NURSES.PDF by na
 
User Guide: Orion™ Weather Station (Columbia Weather Systems)
User Guide: Orion™ Weather Station (Columbia Weather Systems)User Guide: Orion™ Weather Station (Columbia Weather Systems)
User Guide: Orion™ Weather Station (Columbia Weather Systems)
 
CHROMATOGRAPHY PALLAVI RAWAT.pptx
CHROMATOGRAPHY PALLAVI RAWAT.pptxCHROMATOGRAPHY PALLAVI RAWAT.pptx
CHROMATOGRAPHY PALLAVI RAWAT.pptx
 
Volatile Oils Pharmacognosy And Phytochemistry -I
Volatile Oils Pharmacognosy And Phytochemistry -IVolatile Oils Pharmacognosy And Phytochemistry -I
Volatile Oils Pharmacognosy And Phytochemistry -I
 
Pests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdfPests of castor_Binomics_Identification_Dr.UPR.pdf
Pests of castor_Binomics_Identification_Dr.UPR.pdf
 
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxLIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
 
Harmful and Useful Microorganisms Presentation
Harmful and Useful Microorganisms PresentationHarmful and Useful Microorganisms Presentation
Harmful and Useful Microorganisms Presentation
 
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptxGENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
 
Let’s Say Someone Did Drop the Bomb. Then What?
Let’s Say Someone Did Drop the Bomb. Then What?Let’s Say Someone Did Drop the Bomb. Then What?
Let’s Say Someone Did Drop the Bomb. Then What?
 
(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)
(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)
(9818099198) Call Girls In Noida Sector 14 (NOIDA ESCORTS)
 
《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》
 
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
 
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptxSTOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
STOPPED FLOW METHOD & APPLICATION MURUGAVENI B.pptx
 
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
 
Environmental Biotechnology Topic:- Microbial Biosensor
Environmental Biotechnology Topic:- Microbial BiosensorEnvironmental Biotechnology Topic:- Microbial Biosensor
Environmental Biotechnology Topic:- Microbial Biosensor
 
Observational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive starsObservational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive stars
 
The dark energy paradox leads to a new structure of spacetime.pptx
The dark energy paradox leads to a new structure of spacetime.pptxThe dark energy paradox leads to a new structure of spacetime.pptx
The dark energy paradox leads to a new structure of spacetime.pptx
 

secureTF: A Secure TensorFlow Framework

  • 1. 1secureTF: A Secure TensorFlow Framework – Middleware 2020 1 secureTF: A Secure TensorFlow Framework Do Le Quoc, Franz Gregor, Sergei Arnautov, Roland Kunkel, Pramod Bhatotia, Christof Fetzer
  • 2. 2secureTF: A Secure TensorFlow Framework – Middleware 2020 2 Cloud Provider Motivation Data Clients Training Data Training Model Inference How to ensure confidentiality and integrity of data, code (e.g., Python code), model and computation with low performance overhead while retaining accuracy?
  • 3. 3secureTF: A Secure TensorFlow Framework – Middleware 2020 3 Application Application Libraries (Enclave) Hypervisor Container Engine Operating System Host SGX (Software Guard eXtensions) is a set of processor extensions for establishing a TEE inside an application Intel SGX Intel SGX protects the integrity and confidentiality of applications
  • 4. 4secureTF: A Secure TensorFlow Framework – Middleware 2020 4 Several works rely on Intel SGX to support secure machine learning: • Privado [Microsoft Research 2019] • Slalom [ICLR2019] • Occlumency [MobiCom19] • … State-of-the-art systems Limitations: • Focuses only for secure inferences, not for training computation • Does not support distributed setting • Supports only a limited number of operators
  • 5. 5secureTF: A Secure TensorFlow Framework – Middleware 2020 5 Cloud Provider User secureTF: Overview secureTF (Enclave) SGXTLS (1) Remote Attestation (2) Keys, certificate transferring (3) Computation results Data & Code Model
  • 6. 6secureTF: A Secure TensorFlow Framework – Middleware 2020 6 Clients Cloud Provider Data User TLS Attestation & policy submitting TLS TLSTLS Attestation & secrets provision Training Data Inference Training Model SGX SGX 1. Protect against attackers with privileged/root accesses Configuration & Attestation Service (CAS) SGX 2. Perform transparently attestation & Key Management secureTF: Design
  • 7. 7secureTF: A Secure TensorFlow Framework – Middleware 2020 7 TensorFlow Application (e.g., Python code) secureTF TensorFlow Libraries (Enclave) Network Shield File system shield M:N Threading secureTF Controller SCONE Runtime Intel SGX Driver Container (cgroups) Host Operating System Untrusted Reduce #Enclave entries/exits Actively protect data, model, and code secureTF: Implementation
  • 8. 8secureTF: A Secure TensorFlow Framework – Middleware 2020 8 secureTF: Evaluation 0 500 1000 1500 2000 2500 Native musl Native glibc secureTF SIM secureTF HW Graphene SGX Latency(milliseconds) Inception_v4 (163MB) Inception_v3 (91MB) Lower the better secureTF incurs ~5% in SIM mode, ~22% overhead in HW mode compared to native versions secureTF is ~1.1X – 1.4X faster than Graphene-SGX based system
  • 9. 9secureTF: A Secure TensorFlow Framework – Middleware 2020 9 secureTF: A Secure TensorFlow Framework • Transparency: supports unmodified TensorFlow applications (both training and inferences) • Security: provides end-to-end security for the input data, ML model, and application code • Accuracy: maintains the same in the native TensorFlow framework Conclusion Thank you!
  • 10. 10secureTF: A Secure TensorFlow Framework – Middleware 2020 10 Products https://sconedocs.github.io https://scontain.com Contact do@scontain.com