Machine learning as a service: Can privacy be taught?

Machine learning is one of the hottest disciplines in computer science today. So hot, in fact, that cloud providers are doing a good and rapidly growing business in machine-learning-as-a-service (MLaaS).

But these services come with a caveat: all the training data must be revealed to the service operator. Even if the service operator does not intentionally access the data, someone with nefarious motives may. Or their may be legal reasons to preserve privacy, such as with health data.

In a recent paper, Chiron: Privacy-preserving Machine Learning as a Service Tyler Hunt, of the University of Texas, and others, presents a system that preserves privacy while enabling the use of cloud MLaaS.

PRIVACY CUTS BOTH WAYS

While users may not wish to reveal their training data, the service providers have privacy concerns of their own. They typically do not allow customers to see the algorithms under their MLaaS technology.

To that end,

. . . Chiron conceals the training data from the service operator. [And] in keeping with how many existing ML-as-a-service platforms work, Chiron reveals neither the training algorithm nor the model structure to the user, providing only black-box access to the trained model.

Chiron uses Intel's Software Guard Extensions (SGX) secure enclaves, an architecture designed to increase the security of application code. But SGX alone isn't enough. Chiron also uses the SGX platform for Ryoan sandbox, a distributed, protected sandbox that secures untrusted user code from malicious infrastructure, such as you might find in the cloud.

THREAT MODEL

Chiron's goal is to protect the user's training data, as well as trained model queries and outputs, while in the cloud. To that end:

We assume that the entire platform is untrusted, including the . . . operating system and hypervisor. The attacker could be the machine's owner and operator, a curious or even malicious administrator, or an invader who has taken control of the OS and/or hypervisor. The attacker . . . could even be a malicious OS developer and add functionality that directly records user input.

Since trained models can leak training data through certain queries, Chiron ensures that only the entity that supplied the training data can query the resulting model. Even an attacker with complete control of the infrastructure could not query the model to access training data.

Seems comprehensive enough, but there are issues with the underlying hardware.

LIMITATIONS

SGX itself is not bulletproof. In particular, Intel's Performance Monitoring Unit (PMU), enables an untrusted platform to peer deeply into what the system is doing.

The current specification for SGX allows privileged software to manipulate the page tables of an enclave to observe its code and data trace at page-level granularity. This can lead to devastating attacks. . . .

Since Chiron relies on Intel's SGX, it can't be used with GPUs, since these lack an SGX-like facility. So the current implementation is far from ideal until the GPU vendors also start taking security seriously.

PERFORMANCE

Despite the limitations, Hunt et. al. tested Chiron and found that its performance was competitive with standard, unprotected, infrastructures.

THE STORAGE BITS TAKE

The little Dutch boy had it easy: he could plug a hole in the dike with one finger. In our modern, massive data world, there are millions of holes, exploitable in thousands of ways.

Perfect security doesn't seem likely, but we can certainly do better than we have been; right, Facebook? If we can make it harder, we'll knock out the cyber street criminals - muggers - and leave the field to big, well-financed players, against which we can field big, well-financed, tools, such as Chiron.

Hold on to your hats. Big Data is taking us on a wild ride.

http://www.zdnet.com

To understand big data, convert it to sound

Humans are far better at identifying data pattern changes audibly than they are graphically in two dimensions, researchers exploring a radical concept say. They think that servers full of big data would be far more understandable if the numbers were all moved off the computer screens or hardcopies and sonified, or converted into sound.

That's because when listening to music, nuances, can jump out at you — a bad note, for example. And researchers at Virginia Tech say the same thing may apply with number crunching. Data-set anomaly spotting, or comprehension overall, could be enhanced.

The team behind a project to prove this is testing the theory with a recently built 129-loudspeaker array installed in a giant immersive cube in Virginia Tech’s performance space/science lab, the school's Moss Arts Center.

How researchers are testing their big data theory

The earth’s upper-atmosphere data sets are the test subjects being used, with each bit of atmospheric data converted into a unique sound. The pieces of audio are varied by using changes in amplitude, pitch, and volume.

The school’s immersive Cube contains one of the biggest multichannel audio systems in the world, the university claims, and sounds are produced in a special 360-degree 3D format.

“Users experience spatial sound, which means they can hear everything around them,” the school says in a news article. “Sounds [are] actually placed in specific spots in the room.”

Each section of the globe’s atmosphere is assigned to one of the Cube’s 129 speakers, which are arranged to project audio in a half-dome-like pattern, thus replicating a hemisphere. Participants wander the Cube while operating an interface that lets them rewind the 3D sounds, zoom in, slow down the audio, and so on.

The gesture-based interface they carry then captures the study user data (which amusingly, in turn, needs to be analyzed).

“It makes sense that we would want to go beyond two-dimensional graphical models of information and make new discoveries using senses other than our eyes,” says Ivica Ico Bukvic, in another article on university's website. He is associate professor of music composition and multimedia in the Virginia Tech's College of Liberal Arts and Human Sciences and one of the collaborators. He is working with Greg Earle, an electrical and computer engineering professor.

Spatial, immersive representation of big data through sound “is a relatively unexplored area of research, yet provides a unique perspective,” Virginia Tech said of the Spatial Audio Data Immersive Experience (SADIE) project.

Previous research in using sound to explore data

Others have explored the subject. Diaz Merced, writing a doctoral thesis at The University of Glasgow, proposed using sound to explore space physics data.

John Beckman, founder of Narro, a text-to-audio converter website, alluded to it once in a personal blog post. “It’s hard to miss a discordant note or change in volume, even when attention is elsewhere,” Beckman said in 2015.

Unrelated to SADIE and Merced, Beckman was posing the question then as to why more data analysis isn’t performed over sound.

He points out that sounds and visuals are the two main ways people interact with electronics. However, visual is currently the only way people analyze large data sets.

“It seems like our hearing is primed to pick up minute changes, just as much as our sight,” Beckman said then.

https://www.networkworld.com

The cloud continues to drive network evolution

It’s fair to say that there has never been a bigger driver of network evolution than the cloud. The reason for this is the cloud is a fundamentally different kind of compute paradigm, as it enables applications, data and architecture changes to be done seemingly instantly. Cloud-native infrastructure is what enables mobile app developers to roll out new versions daily if they so choose.

The cloud is network-centric

Another fact about the cloud is that it is a network-centric compute model, so a poorly performing network leads to equally poorly performing applications. A lack of network agility means DevOps teams need to sit around twiddling their thumbs while network operations make changes to the network. 

This has been the driving force behind Arista’s software-first approach since the company launched many years ago. It’s EOS operating system was designed to be portable, so the company has been able to deliver a consistent set of features through different silicon releases without disrupting the operational processes of the networking team.

Often organizations will hold off upgrading the network because their vendor made a major change to the OS, requiring scripts, tools, and management systems to be updated. But Arista has maintained a single OS across all its products.

New Arista switches leverage latest Broadcom silicon

Arista recently announced two new series of switches that increase scale and performance of the network while maintaining operational consistency.

The Arista 7050X3 and 7260X3 series are fixed form factor, leaf-and-spine products that use the Broadcom Trident 3 and Tomahawk 2 silicon.

The 7050 is more of a general-purpose switch and geared for enterprises that are running highly virtualized and/or containerized data centers. The series comes in two flavors — one switch has 48 25 Gig-E ports with 12 100 Gig-E uplinks, and the other offers 32 100 Gig-E ports. It’s optimized for complex layer 2 / layer 3 processing and tunnel encapsulation/decapuslation, and it is an ideal product to implement security policies required at the server point of entry into the network.

The 7260 is suited for cloud providers or very large enterprises that have similar requirements and has a whopping 64 100 Gig-E ports in 2 RU form factor. It’s designed to be a data center leaf-and-spine switch and is optimized for simple layer 3 processing and tunnel transit.

These new switches are also double the capacity of the previous generation, 7060X and 7050X.

New features in Arista's 7050X3 and 7260X3 switches

While the operational model for Arista products remains consistent from switch to switch, the company is always adding new features to its products. This release was no different. Innovations in the 7050X3 and 7260X3 include:

• Intelligent buffering and congestion-aware automated load balancing for consistent network performance
• Path and latency monitoring with advanced packet tracing to find problems faster
• Network segmentation, including segment routing and full VXLAN support for tunnel encapsulation
• High availability with hitless software upgrades, speed changes, and flexible services with zero downtime
• Up to 12.8 Tbps and 4.2Bpps of packet forwarding

The new X3 series maintains the consistency of EOS but adds a wide range of features made available in the new Broadcom silicon. Arista customers can leverage the programmability of the platforms to run their own extensions to deliver unique capabilities. This provides the benefits of software without having to maintain a custom operating system.

Arista certainly isn’t for everyone. But for customers that require leading-edge performance combined with programmability and agility, the company has provided a consistent drumbeat of new products leveraging the latest silicon.

https://www.networkworld.com

Oracle launches Autonomous Data Warehouse Cloud

Oracle is taking AWS head-on, with its newly launched Oracle Autonomous Data Warehouse Cloud, which uses machine learning to provide self-managed security for the cloud.

The smart service can secure itself against threats and implement patches autonomously to ensure data stays as secure as it possibly can be.

Not only does the technology mean databases can be ultra-secure, but it also significantly cuts down the time it takes to set up the data warehouse. Admins don't have to manually manage workloads, even when they change, nor do they need to lift a finger when storage volumes are adjusted.

Migration to the cloud is made simple too, with full compatibility between on-premise and cloud databases.

"This technology changes everything," said Larry Ellison, Oracle's co-founder. "The Oracle Autonomous Database is based on technology as revolutionary as the Internet. It patches, tunes, and updates itself. Amazon's databases cost more and do less."

Oracle's Autonomous Data Warehouse Cloud spins up a secure data warehouse in seconds, automatically setting up backup, encryption and high availability without humans intervening.

The tech is built upon Oracle Database 18c, the company's latest database infrastructure it introduced back in October, alongside its automated cybersecurity platform.

The company said in the announcement that it's so confident in its Autonomous Data Warehouse Cloud, it reckons its product offers the same workload as AWS, but at half the cost - a bold claim indeed.

This is the first Autonomous Database Cloud service Oracle plans to launch in its series. Coming up in the next few months will be Autonomous Database for Transaction Processing, Oracle Autonomous NoSQL Database and Autonomous Graph Database for analysing network traffic.

Last year, just after Oracle first announced it was working on self-healing databases, Ellison said if Equifax had been using his company's self-patching database, it would not have been hacked. 143 million customer details were exposed when hackers broke into the credit firm's database, because the company hadn't rolled out a patch issued by the Apache Foundation.

http://www.cloudpro.co.uk

By 2020, we’ll be using Windows in the cloud

One of the interesting launches this month was the Blade Shadow PC.  This offering out of France seems to provide the best current view of the likely future for desktop computing.  It isn’t yet the present for most of us and I’ll get to that, but it showcases what could be done in the cloud albeit with some impressive heavy lifting. 

Let’s talk about why we are moving to a cloud based personal computer model, what the Blade Shadow PC (kind of a cool name) currently provides, and where it falls short this week. 

The drive for cloud PCs

The issues we all have to currently deal with are hardware migration (when you have to move from an old PC to a new one), software patching and updates, and adequate security in a world where threats are advancing faster than security software.  With the current model you own all of this and it is not only annoying it is dangerous.  The danger comes from the fact even companies are having trouble keeping up with new security exposures, those of us that work from home are mostly praying we aren’t targeted. 

A cloud service would be, in its ultimate form, like Amazon Prime TV for PCs.  You pay a subscription, you get a bundled set of apps, and you pay for any extras a la carte.  The service upgrades the hardware, does the migrations, handles the patching and updates, and wraps you with enterprise grade security.  You also get instant on, a potentially lower power bill, and far more piece of mind. 

You can get to your PC experience from your tablet, smartphone, or even TV.   And, the service should retain state so regardless of what hardware you use you’ll immediately return to what you were working on regardless of the hardware you use.  (At some point you should even be able to bring up your PC desktop on the bid Tesla like display expected on future cars). 

Blade Shadow PC

Costing around $420 a year the Blade Shadow PC service provides a dedicated workstation class PC for your remote use.  Current support levels provide up to 4K image and some VR support.   While the service seems to be targeted at performance gamers it isn’t limited to games and it will run design and engineering programs and production apps.   They promise to upgrade the hardware and operating regularly (it starts out as a Windows 10 machine) and you can stream the desktop to an older Windows (Windows 7), MacOS, or Android device.  It will also run on their $140 thin client device if you want a tiny kitchen or desktop office experience. This might be the easiest way to get full Windows functionality on a Mac or Android device.  

So, this checks most, but not all the boxes, for the perfect Netflix like cloud PC experience. 

Why it falls short

Currently USB support is very limited so getting all your peripherals to work could be problematic, this needs a decent internet connection suggesting mobile use may have to wait until pervasive 5G is available, and we’ll need a huge upgrade in plane capability before it can be used in the air.  In addition, until the service price includes the apps it really isn’t a Netflix experience or even an Amazon Prime TV experience really.  I understand the Blade folks are working on the USB support problem and 5G is coming and should be reasonably broad by 2020, and the GoGo plane internet service is due for a 10x performance bump in 2019 (I’m betting more like 2020).  This all suggests that in a few short years we could have a viable alternative, at least with regard to technology, in a Cloud based PC experience by 2020.  However, by then, I expect the major existing cloud service providers will jump in making it critical, if Blade Shadow PC wants to survive, that the get to critical mass or get acquired by one of the big players by then.  

Blade Shadow PC has the potential to become a Netflix for PCs but so does Netflix and all the other streaming providers – including Amazon.  I expect by 2020 we’ll have a lot of compelling alternatives to a running apps on locally on a PC and that this will drive a trend similar to what happened to Blockbuster and Netflix.  The old will give way to the new and we’ll never have to worry about patches, replacing hardware, or even buying apps the way we do now. 

https://www.computerworld.com

Facial recognition tech moves from smartphones to the boardroom

Facial recognition technology, which has begun to gain traction on mobile devices like the iPhone X and various Android smartphones, could soon show up at work – and at the airport.

The technology uses a person's face to authenticate their identity,  making it a potentially important security tool.

In 2015, Google launched its "Trusted Face" feature as part of its Android 5.0 Lollipop update. Trusted Face, part of Android's Smart Lock technology, works in the same way as Apple's Face ID, which replaced the Touch ID fingerprint reader on the iPhone X.

Though analysts say facial recognition technology still needs refinement, it could soon be used in coroporate settings such as the boardroom to make sure only authorized employees are admitted.

"Face ID will do for facial recognition what the iPhone did for BYOD," said Doug Aley, chief revenue officer at Ever AI, a facial recognition technology startup that markets to enterprises.

Imagine, for example, you're a manager preparing for a boardroom presentation on a confidential internal project. As participants enter the room, a facial recognition camera flags someone who's not authorized to attend, notifying you or shuttering the slideshow.

While that may sound Minority Report-esque, the technology is available today, and it has potential to move quickly into the corporate mainstream.

"There's a whole lot of data carried in your face: your age, your gender, even your emotional state at the time. And, those are things that could be useful outside of simply authentication," Aley said.

Ever AI's software was developed using a massive store of video and images contained in a consumer photo and video cloud storage service, EverAlbum (now simply called Ever). The app, available in the Apple App and Android Play stores, lets users organize their image and video albums from multiple services.

Ever AI collected a data set of 13 billion images that were tagged by users – similar to how photos are tagged in Facebook – with the names of those in the photos, Aley said. From that point, on, all future photos of those people are tagged automatically (with the user's permission) so users can find those photos easily. "This creates an 'identity' for those people," Aley said.

The data store was used to train facial recognition algorithms, which resulted in a more accurate consumer application; Aley claims the company's enterprise facial recognition software is 99.8% accurate.

Buoyed by Apple's embrace of Face ID, Ever AI launched its facial recognition software in September.

"Prior to the iPhone X, it was a little scary for most," Aley said. "The iPhone X kind of normalized it for the masses. We saw a massive uptick in enterprises building the technology into products."

A face in the crowd
Cloud collaboration software provider BlueScape is using Ever AI's enterprise software to develop a product that's expected to launch this year that will sample large sets of images to either disambiguate a group of faces from one another or find a particular face among thousands.

"That's a pretty cool use case for our customers who are often looking to identify a particular group of characters in an entertainment environment or locate a particular individual in a national security setting," said Demian Entrekin, CTO of BlueScape in San Carlos, Calif.

For example, Disney animators working on a sequel to the animated film "Frozen" may want to find all of the previous images of one particular character; those images, Entrekin said, can often be stored on dozens of servers or storage arrays, and they're often mixed in with a crowd of other animated characters.

"That's a visual search exercise that's extremely difficult," Entrekin said. "It becomes particularly powerful when you're looking at multiple sources of data. I'm looking at five databases, or 10 or 30 or more...that might even be kept live.

For law enforcement, the same kind of facial recognition algorithm could be used to pick out a known criminal from a crowd of pedestrians, Entrekin said.

Airlines, government agencies turn to face recognition for security
NEC Corp.'s Advanced Recognition Systems business unit has been providing facial recognition technology to airlines and government agencies.

The company's NeoFace Watch integrates face-matching technology with video surveillance to check individuals against known photographic watch lists and generate real-time alerts when matches are found.

And NEC's NeoFace Express is a fast 1:1 face-matching technology for rapid access scenarios; it has been deployed at eight airports via U.S. Customs and Border Protection's (CBP) Biometric Exit pilot program.

The technology is part of a new requirement from the border agency requiring Automated Passport Control (APC) kiosks to authenticate identity by matching people's faces to the biometric record in their e-passport.

APC kiosks have become a regular feature at U.S. airports and the technology has  been put in place for APC kiosks at U.S. borders.

Last year, JetBlue Airlines announced a collaboration with the CBP and biometric technology vendor SITA to pilot facial recognition systems that enable passengers to self-board flights to Aruba from Boston's Logan International Airport. The technology was later extended to flights going from Boston to Santiago, Dominican Republic.

"Customer response has been overwhelming positive. More than 90% of customers have opted-in to self-board," Julianna Bryan, head of communications for JetBlue, said via email. "Self-boarding also saves time for our crewmembers, who no longer have to do manual passport inspections during the boarding process."

JetBlue will review the findings of its initial trial to determine how to move forward with the technology.

"We're always looking for opportunities to innovate and create a more seamless, simple and secure travel experience for our customers," Bryan said. "We're continuing conversations with [CBP] for a long-term biometric roadmap."

Logan isn't the only airport embracing the technolofy; Orlando International Airport has also upgraded its APC kiosks to include facial recognition for arriving passengers.

And in February, NEC announced the global launch of NeoFace Access Control, its own facial recognition product that can be installed with existing entrance and exit gates or doors to enable access to authorized individuals.

Growth expected, but companies remain cautious
The facial recognition market is expected to grow by an average of 21.3% over the next four years, to $9.6 billion by 2022, according to Allied Market Research.

Even as the face recognition industry expands, most companies have been cautious about adopting biometrics – particularly facial recognition, according to Jack Gold, an analyst with J. Gold Associates

While the iPhone X has elevated the game from almost a 'toy' status of most early phone implementations to one of a serious technology trying to solve a problem, Gold said he's still not seeing mass adoption.

"One reason is that companies want a uniform methodology – and with a plethora of device types," he said via email. "While they may feel a bit more comfortable with the X, they still have lots of phones (both Apple and Android) that don't have this level of capability."

Another reason mass adoption has been slow is because companies have still not seen concrete evidence the tech is secure enough for corporate ID purposes.

"It's OK if individual users want to use it for their personal ID needs, but deploying as a corporate standard is another matter," Gold said.

Shawn McCarthy, a research director with IDC Government Insights, believes that for now, adaptive authentication using biometrics will continue to be relegated to highly security environments, such as the military, intelligence or high-end research facilities.

"We do not tend to see it used for regular government office systems," McCarthy said. "Two-factor, including cellphone-based authentication, tends to be good enough for most agencies."

Ever AI's Aley, however, said he believes facial recognition technology will gain traction later this year or next – initially in the corporate world.

"It's going to take off first in the enterprise from a worker perspective. We've got a couple of large industrial companies that want to authenticate workers on the line – rather than using badges – to understand who was there so there's an audit trail showing where people were at different times," Aley said.

Later this year, Aley said one of Ever AI's corporate customers – whom he declined to name – plans to roll out facial recognition technology as a way to authenticate workers as they enter offices and cubicles to gain access to corporate data systems.

"We're also seeing it show up in typical building security measures," he said. "We run around with all these badges to get us into different areas of buildings. Those badges are pretty insecure; you can pass it off to a friend and no one knows anything about it. A badge plus facial recognition gives you multi-factor authentication."

https://www.computerworld.com

Google Introduces AI-Powered Text-to-Speech for Many Application Types

Google has launched a new technology that makes it easier for businesses to add natural sounding speech capabilities to their applications and services. 

Cloud Text-to-Speech is available—currently in beta form—as an API that developers can use to enable voice interaction in a wide range of use cases. 

Examples include powering interactive voice response systems in call centers, adding voice response capabilities to TVs, cars and internet of things devices and automatically converting news articles, books and other text-based media to audio-books and podcasts. 

Developers can choose from 32 different voices in 12 languages when adding voice capabilities to an application, service or device using Cloud Text-To-Speech.  

Cloud-Text-To-Speech allows developers to customize attributes like speaking rate, pitch and volume gain, according to Dan Aharon, product manager of Cloud AI at Google. 

The technology is designed to pronounce complex text such as names, dates and addresses correctly and authentically without any tweaking or customization, Aharon wrote in a blog announcing Cloud Text-To-Speech March 27. 

Some of the high fidelity voices available with the new technology use WaveNet from DeepMind, a UK based artificial intelligence firm that Google acquired in 2014 and is now an Alphabet subsidiary. 

WaveNet is a deep neural network for generating speech that mimics human voices. The speech generated with WaveNet is far more natural sounding than even the best Text-to-Speech systems, according to Google. 

The technology is different from the most common current approach to generating speech with computers, which is by selecting and concatenating short speech fragments to make them whole utterances. 

With concatenative text-to-speech technologies, a large database of speech fragments from a single speaker is first recorded and those fragments are then recombined as needed to make complete sentences, Google note. This approach makes it hard to modify the voice or alter the emotion or emphasis of the computer generated speech, according to Google. 

WaveNet on the other hand is designed to produce raw audio waveforms by learning from large volumes of speech samples. "During training, the network extracts the underlying structure of the speech, for example which tones follow one another and what shape a realistic speech waveform should have," Aharon said. 

So when it is provided with a text input, a fully trained WaveNet model will be able to generate the corresponding speech waveform, much more accurately than other approaches to speech synthesis, he said. Current WaveNet models can generate up to 20 seconds of relatively high-quality audio in just 1 second. 

Pricing for the Cloud Text-To-Speech API is based on the amount of text characters that are synthesized into audio. For speech that is synthesized without using WaveNet, Google won't charge anything for the first 4 million characters each month and then $4 per 1 million characters after that. Enterprises that want WaveNet voices will get the first 1 million characters for free each month and then will have to pay $16 for each additional million characters. 

http://www.eweek.com