Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Towards Secure Collaborative AI Service Chains
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datavetenskap.ORCID-id: 0000-0002-0128-4127
2019 (Engelska)Licentiatavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

At present, Artificial Intelligence (AI) systems have been adopted in many different domains such as healthcare, robotics, automotive, telecommunication systems, security, and finance for integrating intelligence in their services and applications. The intelligent personal assistant such as Siri and Alexa are examples of AI systems making an impact on our daily lives. Since many AI systems are data-driven systems, they require large volumes of data for training and validation, advanced algorithms, computing power and storage in their development process. Collaboration in the AI development process (AI engineering process) will reduce cost and time for the AI applications in the market. However, collaboration introduces the concern of privacy and piracy of intellectual properties, which can be caused by the actors who collaborate in the engineering process.  This work investigates the non-functional requirements, such as privacy and security, for enabling collaboration in AI service chains. It proposes an architectural design approach for collaborative AI engineering and explores the concept of the pipeline (service chain) for chaining AI functions. In order to enable controlled collaboration between AI artefacts in a pipeline, this work makes use of virtualisation technology to define and implement Virtual Premises (VPs), which act as protection wrappers for AI pipelines. A VP is a virtual policy enforcement point for a pipeline and requires access permission and authenticity for each element in a pipeline before the pipeline can be used.  Furthermore, the proposed architecture is evaluated in use-case approach that enables quick detection of design flaw during the initial stage of implementation. To evaluate the security level and compliance with security requirements, threat modeling was used to identify potential threats and vulnerabilities of the system and analyses their possible effects. The output of threat modeling was used to define countermeasure to threats related to unauthorised access and execution of AI artefacts.

Ort, förlag, år, upplaga, sidor
Karlskrona: Blekinge Tekniska Högskola, 2019. , s. 146
Serie
Blekinge Institute of Technology Licentiate Dissertation Series, ISSN 1650-2140 ; 11
Nationell ämneskategori
Telekommunikation
Identifikatorer
URN: urn:nbn:se:bth-18531ISBN: 978-91-7295-381-9 (tryckt)OAI: oai:DiVA.org:bth-18531DiVA, id: diva2:1341533
Presentation
2019-09-10, J1620, Campus Gräsvik, Karlskrona, 12:30 (Engelska)
Opponent
Handledare
Tillgänglig från: 2019-08-09 Skapad: 2019-08-09 Senast uppdaterad: 2019-09-03Bibliografiskt granskad
Delarbeten
1. On Resource Description Capabilities of On-Board Tools for Resource Management in Cloud Networking and NFV Infrastructures
Öppna denna publikation i ny flik eller fönster >>On Resource Description Capabilities of On-Board Tools for Resource Management in Cloud Networking and NFV Infrastructures
Visa övriga...
2016 (Engelska)Ingår i: 2016 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS WORKSHOPS (ICC), 2016, s. 442-447Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

The rapid adoption of networks that are based on "cloudification" and Network Function Virtualisation (NFV) comes from the anticipated high cost savings of up to 70% in their build and operation. The high savings are founded in the use of general standard servers, instead of single-purpose hardware, and by efficiency resource sharing through virtualisation concepts. In this paper, we discuss the capabilities of resource description of "on-board" tools, i.e. using standard Linux commands, to enable OPEX savings. We put a focus on monitoring resources on small time-scales and on the variation observed on such scales. We introduce a QoE-based comparative concept that relates guest and host views on "utilisation" and "load" for the analysis of the variations. We describe the order of variations in "utilisation" and "load" by measurement and by graphical analysis of the measurements. We do these evaluations for different host operating systems and monitoring tools.

Serie
IEEE International Conference on Communications Workshops, ISSN 2164-7038
Nationell ämneskategori
Kommunikationssystem
Identifikatorer
urn:nbn:se:bth-11902 (URN)000386326800074 ()978-1-5090-0448-5 (ISBN)
Konferens
IEEE International Conference on Communications (ICC), Kuala Lumpur
Anmärkning

Held in conjunction with the IEEE International Conference on Communications (ICC 2016)

Tillgänglig från: 2016-05-21 Skapad: 2016-05-21 Senast uppdaterad: 2019-08-09Bibliografiskt granskad
2. Flexible Privacy and High Trust in the Next Generation Internet: The Use Case of a Cloud-based Marketplace for AI
Öppna denna publikation i ny flik eller fönster >>Flexible Privacy and High Trust in the Next Generation Internet: The Use Case of a Cloud-based Marketplace for AI
2017 (Engelska)Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Cloudified architectures facilitate resource ac-cess and sharing which is independent from physical lo-cations. They permit high availability of resources at lowoperational costs. These advantages, however, do not comefor free. End users might fear that they lose control overthe location of their data and, thus, of their autonomy indeciding to whom the data is communicate to. Thus, strongprivacy and trust concerns arise for end users.In this work we will review and investigate privacy andtrust requirements for Cloud systems in general and for acloud-based marketplace (CMP) for AI in particular. We willinvestigate whether and how the current privacy and trustdimensions can be applied to Clouds and for the design ofa CMP. We also propose the concept of a "virtual premise"for enabling "Privacy-by-Design" [1] in Clouds. The ideaof a "virtual premise" might probably not be a universalsolution for any privacy requirement. However, we expectthat it provides flexibility in designing privacy in Cloudsand thus leading to higher trust.

Ort, förlag, år, upplaga, sidor
Halmstad university, 2017
Nyckelord
marketplace, privacy, trust, cloud computing
Nationell ämneskategori
Telekommunikation
Identifikatorer
urn:nbn:se:bth-14963 (URN)
Konferens
SNCNW - Swedish National Computer Networking Workshop, Halmstad
Projekt
Horizon 2020 Bonseyes
Forskningsfinansiär
EU, Horisont 2020, 732204
Tillgänglig från: 2017-07-25 Skapad: 2017-07-25 Senast uppdaterad: 2019-08-09Bibliografiskt granskad
3. Privacy and DRM Requirements for Collaborative Development of AI Application
Öppna denna publikation i ny flik eller fönster >>Privacy and DRM Requirements for Collaborative Development of AI Application
2018 (Engelska)Ingår i: ACM International Conference Proceeding Series, Association for Computing Machinery (ACM), 2018, artikel-id 3233268Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

The use of data is essential for the capabilities of Data-driven Artificial intelligence (AI), Deep Learning and Big Data analysis techniques. This data usage, however, raises intrinsically the concerns on data privacy. In addition, supporting collaborative development of AI applications across organisations has become a major need in AI system design. Digital Rights Management (DRM) is required to protect intellectual property in such collaboration. As a consequence of DRM, privacy threats and privacy-enforcing mechanisms will interact with each other.

This paper describes the privacy and DRM requirements in collaborative AI system design using AI pipelines. It describes the relationships between DRM and privacy and outlines the threats against these non-functional features. Finally, the paper provides first security architecture to protect against the threats on DRM and privacy in collaborative AI design using AI pipelines. 

Ort, förlag, år, upplaga, sidor
Association for Computing Machinery (ACM), 2018
Nyckelord
Privacy, DRM, AI, collaborative
Nationell ämneskategori
Telekommunikation
Identifikatorer
urn:nbn:se:bth-16867 (URN)10.1145/3230833.3233268 (DOI)000477981800053 ()978-1-4503-6448-5 (ISBN)
Konferens
13th International Conference on Availability, Reliability and Security, ARES; Hamburg; Germany; 27 August 2018 through 30 August
Projekt
H2020 Bonseyes
Forskningsfinansiär
EU, Horisont 2020, 732204
Tillgänglig från: 2018-08-14 Skapad: 2018-08-14 Senast uppdaterad: 2019-09-10Bibliografiskt granskad
4. Designing a Secure IoT System Architecture from a Virtual Premise for a Collaborative AI Lab
Öppna denna publikation i ny flik eller fönster >>Designing a Secure IoT System Architecture from a Virtual Premise for a Collaborative AI Lab
2019 (Engelska)Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

IoT systems are increasingly composed out of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, implementing and designing particularly security mechanisms for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a-priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Hereby, our focus is laid on the authorisation and authentication of user, host, and code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments. 

Nyckelord
IoT, AI, Security, Authentication, Collaboration
Nationell ämneskategori
Telekommunikation
Identifikatorer
urn:nbn:se:bth-17550 (URN)10.14722/diss.2019.23006 (DOI)1-891562-56-8 (ISBN)
Konferens
Workshop on Decentralized IoT Systems and Security (DISS) 24 February 2019, San Diego, CA,
Forskningsfinansiär
EU, Horisont 2020, 732204
Tillgänglig från: 2019-01-30 Skapad: 2019-01-30 Senast uppdaterad: 2019-08-09Bibliografiskt granskad

Open Access i DiVA

fulltext(11643 kB)37 nedladdningar
Filinformation
Filnamn FULLTEXT03.pdfFilstorlek 11643 kBChecksumma SHA-512
ab1cebec2d93675ef9e4d3e6a2689d55038466bcc1f5230e530960d44ae695001fa45316266be662ae9f3b2f1ce6f3e2d293161545c905f6266d3b70e4ba2da5
Typ fulltextMimetyp application/pdf

Sök vidare i DiVA

Av författaren/redaktören
Ahmadi Mehri, Vida
Av organisationen
Institutionen för datavetenskap
Telekommunikation

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 73 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

isbn
urn-nbn

Altmetricpoäng

isbn
urn-nbn
Totalt: 895 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf