27,178 research outputs found
Federated Neural Architecture Search
To preserve user privacy while enabling mobile intelligence, techniques have
been proposed to train deep neural networks on decentralized data. However,
training over decentralized data makes the design of neural architecture quite
difficult as it already was. Such difficulty is further amplified when
designing and deploying different neural architectures for heterogeneous mobile
platforms. In this work, we propose an automatic neural architecture search
into the decentralized training, as a new DNN training paradigm called
Federated Neural Architecture Search, namely federated NAS. To deal with the
primary challenge of limited on-client computational and communication
resources, we present FedNAS, a highly optimized framework for efficient
federated NAS. FedNAS fully exploits the key opportunity of insufficient model
candidate re-training during the architecture search process, and incorporates
three key optimizations: parallel candidates training on partial clients, early
dropping candidates with inferior performance, and dynamic round numbers.
Tested on large-scale datasets and typical CNN architectures, FedNAS achieves
comparable model accuracy as state-of-the-art NAS algorithm that trains models
with centralized data, and also reduces the client cost by up to two orders of
magnitude compared to a straightforward design of federated NAS
ESPOON: Enforcing Security Policies In Outsourced Environments
Data outsourcing is a growing business model offering services to individuals
and enterprises for processing and storing a huge amount of data. It is not
only economical but also promises higher availability, scalability, and more
effective quality of service than in-house solutions. Despite all its benefits,
data outsourcing raises serious security concerns for preserving data
confidentiality. There are solutions for preserving confidentiality of data
while supporting search on the data stored in outsourced environments. However,
such solutions do not support access policies to regulate access to a
particular subset of the stored data.
For complex user management, large enterprises employ Role-Based Access
Controls (RBAC) models for making access decisions based on the role in which a
user is active in. However, RBAC models cannot be deployed in outsourced
environments as they rely on trusted infrastructure in order to regulate access
to the data. The deployment of RBAC models may reveal private information about
sensitive data they aim to protect. In this paper, we aim at filling this gap
by proposing \textbf{} for enforcing RBAC policies in
outsourced environments. enforces RBAC policies in an
encrypted manner where a curious service provider may learn a very limited
information about RBAC policies. We have implemented
and provided its performance evaluation showing a limited overhead, thus
confirming viability of our approach.Comment: The final version of this paper has been accepted for publication in
Elsevier Computers & Security 2013. arXiv admin note: text overlap with
arXiv:1306.482
Privacy Preserving Enforcement of Sensitive Policies in Outsourced and Distributed Environments
The enforcement of sensitive policies in untrusted environments is still an
open challenge for policy-based systems. On the one hand, taking any
appropriate security decision requires access to these policies. On the other
hand, if such access is allowed in an untrusted environment then confidential
information might be leaked by the policies. The key challenge is how to
enforce sensitive policies and protect content in untrusted environments. In
the context of untrusted environments, we mainly distinguish between outsourced
and distributed environments. The most attractive paradigms concerning
outsourced and distributed environments are cloud computing and opportunistic
networks, respectively.
In this dissertation, we present the design, technical and implementation
details of our proposed policy-based access control mechanisms for untrusted
environments. First of all, we provide full confidentiality of access policies
in outsourced environments, where service providers do not learn private
information about policies. We support expressive policies and take into
account contextual information. The system entities do not share any encryption
keys. For complex user management, we offer the full-fledged Role-Based Access
Control (RBAC) policies.
In opportunistic networks, we protect content by specifying expressive
policies. In our proposed approach, brokers match subscriptions against
policies associated with content without compromising privacy of subscribers.
As a result, unauthorised brokers neither gain access to content nor learn
policies and authorised nodes gain access only if they satisfy policies
specified by publishers. Our proposed system provides scalable key management
in which loosely-coupled publishers and subscribers communicate without any
prior contact. Finally, we have developed a prototype of the system that runs
on real smartphones and analysed its performance.Comment: Ph.D. Dissertation. http://eprints-phd.biblio.unitn.it/1124
- …