IEEE Std 2830: IEEE Standard for Technical Framework and Requirements of Trusted Execution Environment based Shared Machine Learning
The data of each data provider is processed and encrypted using the encryption key obtained from the authentication module. The encrypted data is uploaded to the TEE of the computation platform. The decryption module of the computation platform decrypts the encrypted data using the decryption key, and then sends the decrypted data to the shared learning module. The shared learning module performs the SML operation on the decrypted data from multiple data providers.
5.2 Functional components of a TEE-based SML system
5.2.1 Computation platform
The computation platform is mainly composed of the following, all of which exist in a TEE:
— Authentication module: the authentication module of the computation platform is responsible for negotiating the encryption mechanism with each data provider and for providing the decryption key to the decryption module. The decryption key is used for decrypting the encrypted data uploaded by the data provider to the platform. The authentication module is also responsible for signing the software code running in the TEE and for enabling the data provider to check that code.
— Decryption module: the decryption module of the computation platform is responsible for using the decryption key to decrypt the encrypted data uploaded by the data provider. The decryption key can be a private key or a symmetric key.
— Shared learning module: the shared learning module is responsible for computations during model training based on the decrypted data from multiple data providers for outputting a shared model. The computational functions include pre-processing, relationship analysis, model training, model assessment, model prediction, etc.
— Encryption module: the encryption module is responsible for encrypting the computed model after the whole computation is completed.
5.2.2 Data provider
The data provider is mainly composed of the following:
— Data: the data provided by the data provider can be processed, encrypted, and uploaded to the computation platform. The encrypted data can be encrypted raw data, computing factors, or any other data that needs to be protected when transmitted between the participants and the platform.
— Process and encryption module: this module is used to process and encrypt the data based on the encryption mechanism negotiated with the computation platform, and then upload the encrypted data to the computation platform.
— Authentication module: the authentication module of the data provider is used to realize remote authentication of the data provider and the computation platform, including negotiating the encryption mechanism with the computation platform, and checking the code signature.
5.3 Processing procedure
In TEE-based SML, the modeler initializes computational tasks. The modeler can be either an authorized data provider or an authorized third-party participant who has no data but has the modeling capability. Then the computation platform creates a TEE. The local data provided by each data provider can be processed, encrypted, and uploaded to the computation platform. The platform decrypts the encrypted data received from each data provider in the TEE and performs model training based on the decrypted data to obtain a shared model. The data processing, encryption, decryption, and training steps can be repeated multiple times. Finally, the TEE is destroyed to protect data security and privacy.
The technical process of an SML system is as follows:
— Step 1: Data providers download SML tools from the computation platform and deploy the SML tools
— Step 2: Data providers perform the data preparation, for example, data formatting, sample alignment
— Step 3: The computation platform creates a TEE
— Step 4: The modeler initializes computation tasks on the computation platform, including the model to be trained, and the algorithm
— Step 5: The computation platform delivers computation tasks to each data provider and coordinates the data processing, encryption and computation
— Step 6: Each data provider processes and encrypts the local data
— Step 7: Each data provider uploads the encrypted data to the computation platform. The encrypted data can be encrypted raw data, computation factors, or any other data that needs to be protected when transmitted between the participants and the platform
— Step 8: The computation platform decrypts the encrypted data in the TEE
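The code check, encryption and in-TEE decryption of Steps 5 to 8 can be sketched as follows; this is an added example, not code from the standard. It goes beyond the text by binding the TEE's encryption key into the signed code measurement, so a provider never encrypts to a key that was not vouched for together with the code it checked. Assumptions: Ed25519 for the code signature, X25519 with AES-256-GCM as the negotiated mechanism, a constructed signing key in place of a real TEE attestation, and the hypothetical names `sessionAEAD` and `ProviderSeal`.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// sessionAEAD derives the negotiated AES-256-GCM cipher from an X25519 exchange.
// Assumption: bare SHA-256 stands in for a real KDF such as HKDF.
func sessionAEAD(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (cipher.AEAD, error) {
	secret, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(secret)
	block, _ := aes.NewCipher(key[:]) // 32-byte key: cannot fail
	return cipher.NewGCM(block)
}

// ProviderSeal is the data provider's side. The signature must cover the code
// measurement the provider expects and the TEE's key; otherwise no data leaves.
func ProviderSeal(signer ed25519.PublicKey, want [32]byte, tee *ecdh.PublicKey, sig, data []byte) (*ecdh.PublicKey, []byte, error) {
	if !ed25519.Verify(signer, append(want[:], tee.Bytes()...), sig) {
		return nil, nil, errors.New("code check failed: data not released")
	}
	eph, _ := ecdh.X25519().GenerateKey(rand.Reader) // fresh key for every upload
	g, err := sessionAEAD(eph, tee)
	if err != nil {
		return nil, nil, err
	}
	// A fixed all-zero nonce is safe only because each derived key seals one upload.
	return eph.PublicKey(), g.Seal(nil, make([]byte, g.NonceSize()), data, nil), nil
}

func main() { // constructed keys and data, for illustration only
	signPub, signKey, _ := ed25519.GenerateKey(rand.Reader)
	tee, _ := ecdh.X25519().GenerateKey(rand.Reader)
	m := sha256.Sum256([]byte("constructed SML enclave image"))
	sig := ed25519.Sign(signKey, append(m[:], tee.PublicKey().Bytes()...))
	eph, ct, _ := ProviderSeal(signPub, m, tee.PublicKey(), sig, []byte("age,income\n41,5200"))
	g, _ := sessionAEAD(tee, eph) // decryption module, inside the TEE
	pt, err := g.Open(nil, make([]byte, g.NonceSize()), ct, nil)
	fmt.Printf("%q %v\n", pt, err)
}
```

Requires Go 1.20 or later for `crypto/ecdh`. A provider that expects a different measurement, or is handed a substituted TEE key, gets an error from `ProviderSeal` and uploads nothing.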