Chiron ML Platform

A Chiron ML Platform is an Internet-based machine learning platform that employs a Ryoan Sandbox based on a hardware-protected enclave.

• AKA: Chiron MLaaS System.
• Coontext:
  • It was initially developed by Hunt et al. (2018).
  • …
• Example(s):
  • …
• Counter-Example(s):
  • AWS Machine Learning Service,
  • Azure Machine Learning Service,
  • Google Cloud Machine Learning Engine,
  • MLCapsule System.
• See: Machine Learning System, Machine Learning Platform, Machine Learning Framework, Software Deployment, Software Development System, Application Programming Interface.

References

2018

• (Hunt et al., 2018) ⇒ Tyler Hunt, Congzheng Song, Reza Shokri, Vitaly Shmatikov, and Emmett Witchel. (2018). “Chiron: Privacy-preserving Machine Learning As a Service.” arXiv:1803.05961
  • QUOTE: We present Chiron ^[1] a system that enables data holders to train ML models on an outsourced service without revealing their training data.

    The service provider is free to choose the type of the model to train, how to configure and train it, and what transformations, if any, to apply to the inputs into the model. These choices can adaptively depend on the user’s data and ML task. The user obtains API access to the trained model but no other information about it. This matches how ML-asa-service operates today.

    To enforce data confidentiality while allowing the provider to select, configure, and train a model any way they want, Chiron employs a Ryoan sandbox ^[2], which in turn is base on a hardware-protected enclave such as Intel’s SGX ^[3]. An enclave alone is insufficient because it only protects trusted code executing on an untrusted platform. Code can only be trusted if it is public and thus can be checked by users. In Chiron, however, the ML service provider’s code is untrusted, thus users must be assured that this code is not stealing their data even though they cannot inspect it.