IEEE Std 2830:2021 pdf download.IEEE Standard for Technical Framework and Requirements of Trusted Execution Environment based Shared Machine Learning.
IEEE Std 2830 defines a framework and architectures for machine learning in which a model is trained using encrypted data that has been aggregated from multiple sources and is processed by a third party trusted execution environment (TEE). A distinctive feature of this technique is the essential use of a third-party TEE for computations. The standard specifies functional components. workflows, security requirements, technical requirements, and protocols.
1.2 Purpose
There are many use cases in industries ranging from finance to healthcare to education where practitioners wish to apply machine learning to data sets that arc aggregated from sources that cannot or should not be combined due to regulatory, competitive, or ethical considerations. Two fundamentally different approaches exist for addressing this: federated machine learning and shared machine learning (SML). In federated machine learning, models are constructed by training local models on local data samples and exchanging intermediate parameters (e.g., the weights generated for a neural network or bases for a vector space that defines an embedding) among multiple parties to generate a global model shared by the participants. in trusted execution environment (TEE) based SML, the data are shared but are encrypted and given to a trusted third party to construct a model that is then shared. This standard will provide a verifiable basis for trust and security.
1.3 Word usage
The word shall indicates mandatory requirements strictly to be followed in order to conform to the standard and from which no deviation is permitted (shall equals is required to).
The word should indicates that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others; or that a certain course of action is preferred but not necessarily required (should equals is recommended that).
2. Normative references
The following referenced documents are indispensable for the application of this document (i.e., they must be understood and used, so each referenced document is cited in text and its relationship to this document is explained). For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments or corrigenda) applies.
There are no normative references in this standard.
3. Definitions, acronyms, and abbreviations
3.1 Definitions
For the purposes of this document, the following terms and definitions apply. The IEEE Standards Dictionary Online should be consulted for terms not defined in this clause.
enclave: A private memory area which is defined by user code through a set of secure CPU instructions. The contents are protected and unable to be either read or saved by any process outside the enclave itself, including processes running at higher privilege levels.
remote attestation: A method by which a host (client) authenticates its hardware and software configuration to a remote host (server). The goal to enable a remote system (challenger) to determine the level of trust in the integrity of platform of another system.
shared machine learning (SNJL): A machine learning method in which the platform executing the machine learning can aggregate data from multiple parties and protect the privacy of each party when multiple parties contribute data and when the parties and the platform do not trust each other.
trusted execution environment (TEE): A secure area within a processor that runs in parallel with the operating system in an isolated environment and that ensures that the code and data running in it are protected with respect to privacy and integrity.IEEE Std 2830 pdf download.