Federated Machine Learning Across Hybrid Clouds: Balancing Security and Privacy
DOI:
https://doi.org/10.47941/ijce.3191
Keywords:
Federated Machine Learning (FML), Hybrid Cloud, Differential Privacy, Secure Aggregation, Data Sovereignty, Distributed Learning
Abstract
Purpose: The purpose of this study is to examine the application of Federated Machine Learning (FML) within hybrid cloud environments, where public and private infrastructures coexist. While FML inherently enhances privacy by keeping data localized, its deployment in hybrid clouds introduces complex challenges regarding data security, compliance, and trust. This article aims to identify the critical trade-offs between model accuracy, computational efficiency, and privacy preservation, while proposing a framework to address these issues.
Methodology: The study evaluates adversarial attacks and data leakage risks specific to distributed and hybrid cloud contexts. It investigates privacy-preserving techniques such as differential privacy, secure multiparty computation, and trusted execution environments, with a focus on their scalability and performance in hybrid deployments. It designs a security-aware framework that balances trust management, policy enforcement, and data protection across hybrid cloud infrastructures. Finally, it conducts scenario-based analyses to demonstrate how organizations can implement federated learning within hybrid clouds while meeting compliance and data sovereignty requirements.
Findings: The findings reveal that federated learning in hybrid clouds can provide significant benefits in terms of privacy and regulatory compliance. Organizations must balance performance metrics, such as model accuracy and training efficiency, with stringent security requirements. Differential privacy and secure multiparty computation offer strong protection but may degrade efficiency, while trusted execution environments present a middle ground with practical benefits for hybrid scenarios.
Unique Contribution to Theory, Policy and Practice: The proposed security-aware framework supports adaptable and resilient implementations, helping organizations enforce policies, manage trust relationships, and safeguard sensitive data. Effective adoption requires aligning technical safeguards with regulatory mandates, ensuring that privacy-preserving strategies remain adaptable across evolving multi-cloud ecosystems.
License
Copyright (c) 2023 Sri Ramya Deevi

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.