N. Asokan, Department of Computer Science
Aalto University, Finland
All kinds of previously local services are being moved to cloud settings. While this is justified by the scalability and efficiency benefits of cloud-based services, it also raises new security and privacy challenges. Solving them by naive application of standard security/privacy techniques can conflict with other functional requirements. In this talk, I will outline some cloud-assisted services and the conflicts that arise while trying to secure these services.
I will then take the case of cloud-assisted malware scanning as an example scenario to discuss the privacy concerns that arise. I will discuss possible solutions these concerns by casting them as an instance of the private membership test problem. I will briefly describe hardware-assisted trusted execution environments (TEEs) which are widely available now and describe a solution to private membership test using TEEs. In the process, I will also point out several other recent advances in using and building TEEs and my work in this area over the last decade and a half.
Finally, I will discuss the more general setting of using cloud-hosted machine learning models in a privacy-preserving manner. I will describe MiniONN, a solution to transform any existing neural network into an oblivious variant. Oblivious neural networks (ONNs), hosted in a cloud server, can be used by clients without the server learning any information about the inputs clients send to the ONN or the results sent back to them. I will mention the pros and cons of this approach and briefly speculate on how hardware-assisted trusted execution may help address the cons.
Bio: N. Asokan is a professor of computer science at Aalto University in Finland where he co-leads the Secure Systems Group and directs the Helsinki-Aalto Center for Information Security HAIC. He is a PI for the Intel Collaborative Research Center. He is an IEEE Fellow (2017) and an ACM Distinguished Scientist (2015).