Towards Secure Collaborative AI Service Chains
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datavetenskap. ORCID iD: 0000-0002-0128-4127
2019 (English). Licentiate thesis, with articles (Other academic)
Abstract [en]

At present, Artificial Intelligence (AI) systems have been adopted in many different domains such as healthcare, robotics, automotive, telecommunication systems, security, and finance for integrating intelligence in their services and applications. Intelligent personal assistants such as Siri and Alexa are examples of AI systems making an impact on our daily lives. Since many AI systems are data-driven systems, they require large volumes of data for training and validation, advanced algorithms, computing power and storage in their development process. Collaboration in the AI development process (AI engineering process) will reduce cost and time for the AI applications in the market. However, collaboration introduces the concern of privacy and piracy of intellectual properties, which can be caused by the actors who collaborate in the engineering process.

This work investigates the non-functional requirements, such as privacy and security, for enabling collaboration in AI service chains. It proposes an architectural design approach for collaborative AI engineering and explores the concept of the pipeline (service chain) for chaining AI functions. In order to enable controlled collaboration between AI artefacts in a pipeline, this work makes use of virtualisation technology to define and implement Virtual Premises (VPs), which act as protection wrappers for AI pipelines. A VP is a virtual policy enforcement point for a pipeline and requires access permission and authenticity for each element in a pipeline before the pipeline can be used.

Furthermore, the proposed architecture is evaluated using a use-case approach that enables quick detection of design flaws during the initial stage of implementation. To evaluate the security level and compliance with security requirements, threat modeling was used to identify potential threats and vulnerabilities of the system and to analyse their possible effects. The output of threat modeling was used to define countermeasures to threats related to unauthorised access and execution of AI artefacts.

Place, publisher, year, edition, pages
Karlskrona: Blekinge Tekniska Högskola, 2019, p. 146
Series
Blekinge Institute of Technology Licentiate Dissertation Series, ISSN 1650-2140 ; 11
Identifiers
URN: urn:nbn:se:bth-18531, ISBN: 978-91-7295-381-9 (print), OAI: oai:DiVA.org:bth-18531, DiVA id: diva2:1341533
Presentation
2019-09-10, J1620, Campus Gräsvik, Karlskrona, 12:30 (English)
Available from: 2019-08-09 Created: 2019-08-09 Last updated: 2019-09-03. Bibliographically approved
List of papers
1. On Resource Description Capabilities of On-Board Tools for Resource Management in Cloud Networking and NFV Infrastructures
2016 (English). In: 2016 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS WORKSHOPS (ICC), 2016, p. 442-447. Conference paper, Published paper (Refereed)
Abstract [en]

The rapid adoption of networks that are based on "cloudification" and Network Function Virtualisation (NFV) comes from the anticipated high cost savings of up to 70% in their build and operation. The high savings are founded in the use of general standard servers, instead of single-purpose hardware, and in efficient resource sharing through virtualisation concepts. In this paper, we discuss the capabilities of resource description of "on-board" tools, i.e. using standard Linux commands, to enable OPEX savings. We put a focus on monitoring resources on small time-scales and on the variation observed on such scales. We introduce a QoE-based comparative concept that relates guest and host views on "utilisation" and "load" for the analysis of the variations. We describe the order of variations in "utilisation" and "load" by measurement and by graphical analysis of the measurements. We do these evaluations for different host operating systems and monitoring tools.

Series
IEEE International Conference on Communications Workshops, ISSN 2164-7038
Identifiers
urn:nbn:se:bth-11902 (URN), 000386326800074 (), 978-1-5090-0448-5 (ISBN)
Conference
IEEE International Conference on Communications (ICC), Kuala Lumpur
Note

Held in conjunction with the IEEE International Conference on Communications (ICC 2016)

Available from: 2016-05-21 Created: 2016-05-21 Last updated: 2019-08-09. Bibliographically approved
2. Flexible Privacy and High Trust in the Next Generation Internet: The Use Case of a Cloud-based Marketplace for AI
2017 (English). Conference paper, Published paper (Refereed)
Abstract [en]

Cloudified architectures facilitate resource access and sharing which is independent from physical locations. They permit high availability of resources at low operational costs. These advantages, however, do not come for free. End users might fear that they lose control over the location of their data and, thus, of their autonomy in deciding to whom the data is communicated. Thus, strong privacy and trust concerns arise for end users.

In this work we will review and investigate privacy and trust requirements for Cloud systems in general and for a cloud-based marketplace (CMP) for AI in particular. We will investigate whether and how the current privacy and trust dimensions can be applied to Clouds and for the design of a CMP. We also propose the concept of a "virtual premise" for enabling "Privacy-by-Design" [1] in Clouds. The idea of a "virtual premise" might probably not be a universal solution for any privacy requirement. However, we expect that it provides flexibility in designing privacy in Clouds and thus leads to higher trust.

Place, publisher, year, edition, pages
Halmstad university, 2017
Keywords
marketplace, privacy, trust, cloud computing
Identifiers
urn:nbn:se:bth-14963 (URN)
Conference
SNCNW - Swedish National Computer Networking Workshop, Halmstad
Projects
Horizon 2020 Bonseyes
Funder
EU, Horizon 2020, 732204
Available from: 2017-07-25 Created: 2017-07-25 Last updated: 2019-08-09. Bibliographically approved
3. Privacy and DRM Requirements for Collaborative Development of AI Application
2019 (English). In: ACM International Conference Proceeding Series, Association for Computing Machinery (ACM), 2019, article id 3233268. Conference paper, Published paper (Refereed)
Abstract [en]

The use of data is essential for the capabilities of data-driven Artificial Intelligence (AI), Deep Learning and Big Data analysis techniques. This data usage, however, intrinsically raises concerns about data privacy. In addition, supporting collaborative development of AI applications across organisations has become a major need in AI system design. Digital Rights Management (DRM) is required to protect intellectual property in such collaboration. As a consequence of DRM, privacy threats and privacy-enforcing mechanisms will interact with each other.

This paper describes the privacy and DRM requirements in collaborative AI system design using AI pipelines. It describes the relationships between DRM and privacy and outlines the threats against these non-functional features. Finally, the paper provides a first security architecture to protect against the threats on DRM and privacy in collaborative AI design using AI pipelines.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2019
Keywords
Privacy, DRM, AI, collaborative
Identifiers
urn:nbn:se:bth-16867 (URN), 10.1145/3230833.3233268 (DOI), 000477981800053 (), 978-1-4503-6448-5 (ISBN)
Conference
13th International Conference on Availability, Reliability and Security, ARES; Hamburg; Germany; 27 August 2018 through 30 August
Projects
H2020 Bonseyes
Funder
EU, Horizon 2020, 732204
Available from: 2018-08-14 Created: 2018-08-14 Last updated: 2020-01-24. Bibliographically approved
4. Designing a Secure IoT System Architecture from a Virtual Premise for a Collaborative AI Lab
2019 (English). Conference paper, Published paper (Refereed)
Abstract [en]

IoT systems are increasingly composed of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, designing and implementing security mechanisms in particular for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Our focus is on the authorisation and authentication of user, host, and code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so-called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits us to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments.

Keywords
IoT, AI, Security, Authentication, Collaboration
Identifiers
urn:nbn:se:bth-17550 (URN), 10.14722/diss.2019.23006 (DOI), 1-891562-56-8 (ISBN)
Conference
Workshop on Decentralized IoT Systems and Security (DISS), 24 February 2019, San Diego, CA
Funder
EU, Horizon 2020, 732204
Available from: 2019-01-30 Created: 2019-01-30 Last updated: 2019-08-09. Bibliographically approved

Open Access in DiVA

fulltext (11643 kB), 48 downloads
File information
File: FULLTEXT03.pdf, File size: 11643 kB, Checksum: SHA-512
ab1cebec2d93675ef9e4d3e6a2689d55038466bcc1f5230e530960d44ae695001fa45316266be662ae9f3b2f1ce6f3e2d293161545c905f6266d3b70e4ba2da5
Type: fulltext, Mimetype: application/pdf

By author/editor
Ahmadi Mehri, Vida

Total: 84 downloads
The number of downloads is the sum of all downloads of all full texts. It may include, for example, earlier versions that are no longer available.