deploy: b411ae4

hsiangjenli · Nov 11, 2024 · d3a9334 · d3a9334
1 parent 1c3ab82
commit d3a9334
Show file tree

Hide file tree

Showing 12 changed files with 457 additions and 26 deletions.
diff --git a/_sources/paper/xu2021privacy-outline.md b/_sources/paper/xu2021privacy-outline.md
@@ -60,32 +60,131 @@
 > - 🟥 third-party CF
 
 #### Model Serving Phase
+
+##### Typical types of privacy leakage
+1. Disclosure of Membership
+1. Class Representative
+1. Property
+
 > Guarantee on model serving phase, there are four roles:
 > 1. Data Producer
 > 1. Local CF
 > 1. Third-party CF
 > 1. Model Consumer
 
 ##### Global Model Privacy Guarantee
-
+> - 🟩 Local CF
+> - 🟩 Third-Party CF
+> - 🔴 Model Consumer
 
 #### Full Privacy Guarantee
 
 ---
 
 ## Technical {U}tility in PPML
+> 1. How to release/publish data without revealing sensitive information
+> 1. How the data used in the model training 
+> 1. The architecture of ML system prevents the disclosure of sensitive information
+
+> The impact of using PPML can be classified into n categories:
+> 1. Model Utility
+> 1. Computation Utility
+> 1. Communication Utility
+> 1. Scalability Utility
+> 1. Scenario Utility
+> 1. Privacy Utility
+<!-- > 1. Computation Utility
+> 1. Communication Utility
+> 1. Model Utility
+> 1. Scalability Utility -->
 
 ### Data Publish Approach
 
+#### Elimitation-based Approach
+> - Totally eliminate the identifier from the data
+> - Partially conceal quasi-identifiers
+
+1. $k$-anonymity
+1. $l$-diversity
+1. $t$-closeness
+
+#### Perturbation-based Approach
+1. Differential Privacy
+1. Sketching
+
+#### Confusion-based Approach (Cryptography)
+1. Symmetric encryption (e.g. AES) + Garbled circuits / Oblivious transfer
+1. Homomorphic encryption
+1. Functional encryption
+
 ### Data Processing Approach
 
+#### Ordinary Computation
+> If using traditional anonymization techniques or perturbation-based techniques, the identifiers are removed from the data, then can use ordinary computation
+
+##### Elimination-based Approach
+##### Perturbation-based Approach
+
+#### Secure Computation
+
+> Adversary setting is semi-honest or malicious
+
+##### Additive Mask based Approach
+> - Private data are masked with randomize values
+> - A light-weight approach of secure computation
+
+1. Pairwise Additive Masking Based Secure Computation Approach
+   - $t$-of-$n$ secret sharing
+   - Multi-Secret Sharing
+1. Double Masking Pairwise Based Protocol
+   - Prevents the failure happened in Pairwise Additive Masking
+1. Anonymous Communication
+   - DC-nets (Dining Cryptographers Networks)
+   - mix-nets
+
+
+##### Garbled Circuit based Approach
+
+##### Advanced Cryptography based Approach
+###### Homomorphic Encryption
+###### Functional Encryption
+
+##### Mixed Protocol Approach
+> Combine the above approaches
+
+1. TASTY
+1. ABY
+1. ABY$^3$
+1. CrypTen
+1. Falcon
+
+##### Trusted Execution Environment Approach
+1. Code Authentication
+1. Runtime State Integrity
+1. Confidentiality
+
 ### Architectureal Appraoch
 
+#### Delegation-based ML Architecture
+> Provide computation-limited parties the capability to create and use ML models
+1. CryptoML
+1. SecureML
+
+#### Distributed Selective SGD Architecture
+
+#### Federated Learning Architecture
+
+#### Knowledge Transfer Architecture
+
+1. Knowledge Distillation
+1. Model Compression
+1. Transfer Learning
+
 ### Hybrid Approach 
 
----
+<!-- ---
 
-## Challenge and Potential Directions
+## Challenge and Potential Directions -->
 
 
 <!-- References

diff --git a/_sources/paper/xu2021privacy.rst b/_sources/paper/xu2021privacy.rst
@@ -5,6 +5,13 @@ WIP - :title-ref:`xu2021privacy`
 * Authors : :cite:authors:`xu2021privacy`  
 
 
+An overview of mindmap
+----------------------
+
+.. raw:: html
+   /_static/image/image.png
+    <a href="_static/html/xu2021privacy.html">testurl</a>
+
 Before starting
 ---------------
 

diff --git a/_sources/resource/keyterm/key.rst b/_sources/resource/keyterm/key.rst
@@ -65,6 +65,10 @@ KeyTerms
      - Software As A Service
      - Todo.
 
+   * - TEE
+     - Trusted Execution Environment
+     - Todo.
+
    * - V2X
      - Vehicle To Everything
      - Todo.

diff --git a/_sources/resource/ppml.rst b/_sources/resource/ppml.rst
@@ -24,6 +24,10 @@ Privacy Preserving Machine Learning framework
 * https://github.com/facebookresearch/CrypTen
 
 
+Others
+------
+* https://github.com/mpc-msri/EzPC :cite:`rathee2021sirnn`
+
 References
 ----------
 .. bibliography::

diff --git a/_static/html/xu2021privacy.html b/_static/html/xu2021privacy.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<title>Markmap</title>
+<style>
+* {
+  margin: 0;
+  padding: 0;
+}
+#mindmap {
+  display: block;
+  width: 100vw;
+  height: 100vh;
+}
+</style>
+<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/katex.min.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/style.css">
+</head>
+<body>
+<svg id="mindmap"></svg>
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/d3.min.js"></script><script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/browser/index.js"></script><script>((getMarkmap) => {
+          window.WebFontConfig = {
+            custom: {
+              families: [
+                "KaTeX_AMS",
+                "KaTeX_Caligraphic:n4,n7",
+                "KaTeX_Fraktur:n4,n7",
+                "KaTeX_Main:n4,n7,i4,i7",
+                "KaTeX_Math:i4,i7",
+                "KaTeX_Script",
+                "KaTeX_SansSerif:n4,n7,i4",
+                "KaTeX_Size1",
+                "KaTeX_Size2",
+                "KaTeX_Size3",
+                "KaTeX_Size4",
+                "KaTeX_Typewriter"
+              ]
+            },
+            active: () => {
+              getMarkmap().refreshHook.call();
+            }
+          };
+        })(() => window.markmap)</script><script src="https://cdn.jsdelivr.net/npm/[email protected]/webfontloader.js" defer></script><script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/index.js"></script><script>(r => {
+                setTimeout(r);
+              })(() => {
+  const {
+    markmap,
+    mm
+  } = window;
+  const {
+    el
+  } = markmap.Toolbar.create(mm);
+  el.setAttribute('style', 'position:absolute;bottom:20px;right:20px');
+  document.body.append(el);
+})</script><script>((getMarkmap, getOptions, root2, jsonOptions) => {
+              const markmap = getMarkmap();
+              window.mm = markmap.Markmap.create(
+                "svg#mindmap",
+                (getOptions || markmap.deriveOptions)(jsonOptions),
+                root2
+              );
+            })(() => window.markmap,null,{"content":"WIP - Outline of {title-ref}<code>xu2021privacy</code>","children":[{"content":"Privacy Preserving {P}hase in PPML","children":[{"content":"Model Generation","children":[],"payload":{"lines":"13,14"}},{"content":"Model Serving","children":[],"payload":{"lines":"19,20"}},{"content":"Full Pipeline","children":[],"payload":{"lines":"26,27"}}],"payload":{"lines":"5,6"}},{"content":"Privacy {G}uarantees in PPML","children":[{"content":"Object-Oriented Privacy Guarantee","children":[{"content":"Data Oriented","children":[],"payload":{"lines":"33,34"}},{"content":"Model Oriented","children":[],"payload":{"lines":"37,38"}}],"payload":{"lines":"32,33"}},{"content":"Pipeline-Orientied Privacy Guarantee","children":[{"content":"Model Generation Phase","children":[{"content":"Vanilla Local Privacy Guarantee","children":[],"payload":{"lines":"52,53"}},{"content":"Primary Local Privacy Guarantee","children":[],"payload":{"lines":"55,56"}},{"content":"Enhanced Local Privacy Guarantee","children":[],"payload":{"lines":"58,59"}}],"payload":{"lines":"46,47"}},{"content":"Model Serving Phase","children":[{"content":"Typical types of privacy leakage","children":[{"content":"Disclosure of Membership","children":[],"payload":{"lines":"64,65"}},{"content":"Class Representative","children":[],"payload":{"lines":"65,66"}},{"content":"Property","children":[],"payload":{"lines":"66,68"}}],"payload":{"lines":"63,64"}},{"content":"Global Model Privacy Guarantee","children":[],"payload":{"lines":"74,75"}}],"payload":{"lines":"61,62"}},{"content":"Full Privacy Guarantee","children":[],"payload":{"lines":"79,80"}}],"payload":{"lines":"40,41"}}],"payload":{"lines":"30,31"}},{"content":"Technical {U}tility in PPML","children":[{"content":"Data Publish Approach","children":[{"content":"Elimitation-based Approach","children":[{"content":"<span class=\"katex\"><span class=\"katex-mathml\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\"><semantics><mrow><mi>k</mi></mrow><annotation encoding=\"application/x-tex\">k</annotation></semantics></math></span><span class=\"katex-html\" aria-hidden=\"true\"><span class=\"base\"><span class=\"strut\" style=\"height:0.69444em;vertical-align:0em;\"></span><span class=\"mord mathnormal\" style=\"margin-right:0.03148em;\">k</span></span></span></span>-anonymity","children":[],"payload":{"lines":"106,107"}},{"content":"<span class=\"katex\"><span class=\"katex-mathml\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\"><semantics><mrow><mi>l</mi></mrow><annotation encoding=\"application/x-tex\">l</annotation></semantics></math></span><span class=\"katex-html\" aria-hidden=\"true\"><span class=\"base\"><span class=\"strut\" style=\"height:0.69444em;vertical-align:0em;\"></span><span class=\"mord mathnormal\" style=\"margin-right:0.01968em;\">l</span></span></span></span>-diversity","children":[],"payload":{"lines":"107,108"}},{"content":"<span class=\"katex\"><span class=\"katex-mathml\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\"><semantics><mrow><mi>t</mi></mrow><annotation encoding=\"application/x-tex\">t</annotation></semantics></math></span><span class=\"katex-html\" aria-hidden=\"true\"><span class=\"base\"><span class=\"strut\" style=\"height:0.61508em;vertical-align:0em;\"></span><span class=\"mord mathnormal\">t</span></span></span></span>-closeness","children":[],"payload":{"lines":"108,110"}}],"payload":{"lines":"102,103"}},{"content":"Perturbation-based Approach","children":[{"content":"Differential Privacy","children":[],"payload":{"lines":"111,112"}},{"content":"Sketching","children":[],"payload":{"lines":"112,114"}}],"payload":{"lines":"110,111"}},{"content":"Confusion-based Approach (Cryptography)","children":[{"content":"Symmetric encryption (e.g. AES) + Garbled circuits / Oblivious transfer","children":[],"payload":{"lines":"115,116"}},{"content":"Homomorphic encryption","children":[],"payload":{"lines":"116,117"}},{"content":"Functional encryption","children":[],"payload":{"lines":"117,119"}}],"payload":{"lines":"114,115"}}],"payload":{"lines":"100,101"}},{"content":"Data Processing Approach","children":[{"content":"Ordinary Computation","children":[{"content":"Elimination-based Approach","children":[],"payload":{"lines":"124,125"}},{"content":"Perturbation-based Approach","children":[],"payload":{"lines":"125,126"}}],"payload":{"lines":"121,122"}},{"content":"Secure Computation","children":[{"content":"Additive Mask based Approach","children":[{"content":"Pairwise Additive Masking Based Secure Computation Approach","children":[{"content":"<span class=\"katex\"><span class=\"katex-mathml\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\"><semantics><mrow><mi>t</mi></mrow><annotation encoding=\"application/x-tex\">t</annotation></semantics></math></span><span class=\"katex-html\" aria-hidden=\"true\"><span class=\"base\"><span class=\"strut\" style=\"height:0.61508em;vertical-align:0em;\"></span><span class=\"mord mathnormal\">t</span></span></span></span>-of-<span class=\"katex\"><span class=\"katex-mathml\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\"><semantics><mrow><mi>n</mi></mrow><annotation encoding=\"application/x-tex\">n</annotation></semantics></math></span><span class=\"katex-html\" aria-hidden=\"true\"><span class=\"base\"><span class=\"strut\" style=\"height:0.43056em;vertical-align:0em;\"></span><span class=\"mord mathnormal\">n</span></span></span></span> secret sharing","children":[],"payload":{"lines":"136,137"}},{"content":"Multi-Secret Sharing","children":[],"payload":{"lines":"137,138"}}],"payload":{"lines":"135,138"}},{"content":"Double Masking Pairwise Based Protocol","children":[{"content":"Prevents the failure happened in Pairwise Additive Masking","children":[],"payload":{"lines":"139,140"}}],"payload":{"lines":"138,140"}},{"content":"Anonymous Communication","children":[{"content":"DC-nets (Dining Cryptographers Networks)","children":[],"payload":{"lines":"141,142"}},{"content":"mix-nets","children":[],"payload":{"lines":"142,145"}}],"payload":{"lines":"140,145"}}],"payload":{"lines":"131,132"}},{"content":"Garbled Circuit based Approach","children":[],"payload":{"lines":"145,146"}},{"content":"Advanced Cryptography based Approach","children":[{"content":"Homomorphic Encryption","children":[],"payload":{"lines":"148,149"}},{"content":"Functional Encryption","children":[],"payload":{"lines":"149,150"}}],"payload":{"lines":"147,148"}},{"content":"Mixed Protocol Approach","children":[{"content":"TASTY","children":[],"payload":{"lines":"154,155"}},{"content":"ABY","children":[],"payload":{"lines":"155,156"}},{"content":"ABY<span class=\"katex\"><span class=\"katex-mathml\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\"><semantics><mrow><msup><mrow></mrow><mn>3</mn></msup></mrow><annotation encoding=\"application/x-tex\">^3</annotation></semantics></math></span><span class=\"katex-html\" aria-hidden=\"true\"><span class=\"base\"><span class=\"strut\" style=\"height:0.8141079999999999em;vertical-align:0em;\"></span><span class=\"mord\"><span></span><span class=\"msupsub\"><span class=\"vlist-t\"><span class=\"vlist-r\"><span class=\"vlist\" style=\"height:0.8141079999999999em;\"><span style=\"top:-3.063em;margin-right:0.05em;\"><span class=\"pstrut\" style=\"height:2.7em;\"></span><span class=\"sizing reset-size6 size3 mtight\"><span class=\"mord mtight\">3</span></span></span></span></span></span></span></span></span></span></span>","children":[],"payload":{"lines":"156,157"}},{"content":"CrypTen","children":[],"payload":{"lines":"157,158"}},{"content":"Falcon","children":[],"payload":{"lines":"158,160"}}],"payload":{"lines":"151,152"}},{"content":"Trusted Execution Environment Approach","children":[{"content":"Code Authentication","children":[],"payload":{"lines":"161,162"}},{"content":"Runtime State Integrity","children":[],"payload":{"lines":"162,163"}},{"content":"Confidentiality","children":[],"payload":{"lines":"163,165"}}],"payload":{"lines":"160,161"}}],"payload":{"lines":"127,128"}}],"payload":{"lines":"119,120"}},{"content":"Architectureal Appraoch","children":[{"content":"Delegation-based ML Architecture","children":[{"content":"CryptoML","children":[],"payload":{"lines":"169,170"}},{"content":"SecureML","children":[],"payload":{"lines":"170,172"}}],"payload":{"lines":"167,168"}},{"content":"Distributed Selective SGD Architecture","children":[],"payload":{"lines":"172,173"}},{"content":"Federated Learning Architecture","children":[],"payload":{"lines":"174,175"}},{"content":"Knowledge Transfer Architecture","children":[{"content":"Knowledge Distillation","children":[],"payload":{"lines":"178,179"}},{"content":"Model Compression","children":[],"payload":{"lines":"179,180"}},{"content":"Transfer Learning","children":[],"payload":{"lines":"180,182"}}],"payload":{"lines":"176,177"}}],"payload":{"lines":"165,166"}},{"content":"Hybrid Approach","children":[],"payload":{"lines":"182,183"}}],"payload":{"lines":"83,84"}}],"payload":{"lines":"0,1"}},{})</script>
+</body>
+</html>
diff --git a/objects.inv b/objects.inv
diff --git a/paper/gill2022ai.html b/paper/gill2022ai.html
@@ -369,10 +369,10 @@ <h2>Key Concepts and Terminologies<a class="headerlink" href="#key-concepts-and-
 </section>
 <section id="proposed-methodologies">
 <h2>Proposed Methodologies<a class="headerlink" href="#proposed-methodologies" title="Link to this heading">#</a></h2>
-<figure class="align-default" id="id42">
+<figure class="align-default" id="id43">
 <img alt="../_images/image-1.png" src="../_images/image-1.png" />
 <figcaption>
-<p><span class="caption-text">This figure is taken from the paper <span id="id4">[<a class="reference internal" href="#id40" title="Sukhpal Singh Gill, Minxian Xu, Carlo Ottaviani, Panos Patros, Rami Bahsoon, Arash Shaghaghi, Muhammed Golec, Vlado Stankovski, Huaming Wu, Ajith Abraham, and others. Ai for next generation computing: emerging trends and future directions. Internet of Things, 19:100514, 2022.">1</a>]</span></span><a class="headerlink" href="#id42" title="Link to this image">#</a></p>
+<p><span class="caption-text">This figure is taken from the paper <span id="id4">[<a class="reference internal" href="#id40" title="Sukhpal Singh Gill, Minxian Xu, Carlo Ottaviani, Panos Patros, Rami Bahsoon, Arash Shaghaghi, Muhammed Golec, Vlado Stankovski, Huaming Wu, Ajith Abraham, and others. Ai for next generation computing: emerging trends and future directions. Internet of Things, 19:100514, 2022.">1</a>]</span></span><a class="headerlink" href="#id43" title="Link to this image">#</a></p>
 </figcaption>
 </figure>
 <ul class="simple">
-Original file line number
+Diff line change
@@ Expand Up / @@ -65,6 +65,10 @@ KeyTerms @@
          - Software As A Service
          - Todo.
+       * - TEE
+         - Trusted Execution Environment
+         - Todo.
        * - V2X
          - Vehicle To Everything
          - Todo.
@@ Expand Down @@