Transcriptions
Note: this content has been automatically generated.
00:00:02
thank you uh so thanks for the organ uh tends to be organised as for ah that are great event today
00:00:08
my name is the project chief um ah i'm the city
00:00:11
only found that out ah in for a privacy preserving machine learning
00:00:16
a swiss us based company i'm also on
00:00:20
affiliated professor but a couple appeared that into
00:00:23
not practical could repeat eighty people uh teaching
00:00:26
courses in ah mathematical crippled happy so um
00:00:31
today i'm gonna tell you a little bit about our premise of
00:00:34
preserving the m. l. without some specific use cases but they also uh
00:00:41
put my might poke into the context of
00:00:43
far better for coming regulations on artificial intelligence
00:00:48
so in for a while develops a platform ah called big so for privacy preserving
00:00:55
a machine link and it uses various script to block oh
00:01:00
technologies such as a circular multiparty computation pulling from our project
00:01:05
option ah they they they could well mean with the security radiation
00:01:09
ah but it also ah very recently integrated with uh
00:01:14
ah some cover security now ah features
00:01:17
are in partnership with microsoft but asia i'll
00:01:21
tell me a little bit about that so uh let's start with the basically like that
00:01:29
generalities here so accessing private data for family pick semi one
00:01:33
day i dispose already mentioned in the in the previous though
00:01:37
so they to access is uh the leading barrier to enter
00:01:41
paris uh the i. m. l. ah adoption and national security so
00:01:46
a value valuable they please distribute it
00:01:49
usually huh silos across teams leases owns it
00:01:53
set for i am the a conventional ah matt techniques such as the money musician position
00:02:00
ah encryption up enough so uh we need basically to talk now
00:02:06
about the concept of interruption in use this is what what what types of preserving computing is about
00:02:13
uh so how can we provide access to sensitive data
00:02:16
well keeping gets it you are confidential and distributed bands that
00:02:20
main problem but we're solving of course this is all
00:02:23
about privacy insecurity and there is a big getting here
00:02:28
that appear this some some about this ah
00:02:31
the regulations on artificial intelligence and that so
00:02:36
the concept of what we call today trust work here i'm
00:02:39
in that regulations so you're seeing a lot more teams men just
00:02:43
our gen been just like the same data protection so first
00:02:47
of all ah what's that the u. a. i. x. or that
00:02:52
is the walls uh i'm a bit world so first company
00:02:55
can save a a regulation and this was passed by the new
00:02:59
parliament this summer in july ah twenty twenty three and is
00:03:05
expected to be fully effective twenty twenty six so uh that's that
00:03:10
that's embodied the story so what do we mean by trust that post with the a i mean this
00:03:16
more to that that's that it could calling plus possible use okay i first of all
00:03:22
not it talks about different concepts you don't there's a mention probably the same
00:03:27
data protection so you serve ah fairness
00:03:30
and biased mitigation reject transparency didn't explain ability
00:03:35
and here i'm emphasising the word explain ability that's one of the problems that infrared
00:03:41
the company isa um in countering chin
00:03:44
various ah big enterprise client applications a into
00:03:49
actually be on the privacy we're developing also privacy presenting features
00:03:54
for mobile explain ability you mentioned just a little bit more
00:03:58
it's particularly important for example if you are using come a i'd based diagnosis
00:04:03
tool we've adopted he's using that tool and they're multiple features coming into that too
00:04:09
how do we know exactly which feature is accountable for that
00:04:13
explains the production ah same for predictive maintenance imagine that you're trying
00:04:18
to do predictive maintenance are in in any of the industrial fields
00:04:24
and then uh you want to understand you want to do it
00:04:27
would cost analysis so that's that's where ah you you cannot
00:04:31
again should discuss their lesson biased mitigation again a big topic ah
00:04:37
about the view especially those who work in a i know about
00:04:40
that robustness and reliability and accountability and they are that's that's also
00:04:46
a big topic so these are among the main themes are far that the u. a. i
00:04:51
uh at uh we will um see more details later this year on that are coming up so
00:04:59
now let me tell me a little bit about the in for ah pricing constant
00:05:04
technology approach so a lot of people who know a little bit about paying for
00:05:11
ah often thing that we're done in p. c. company in pieces then swap secure multiparty
00:05:16
computation and in fact that's not exactly what
00:05:20
we are we are we use secure multiparty computation
00:05:25
which of state of the art technology scalable deployed in production uh but ah that is not the
00:05:32
only technology that that is used so the the yeah ah our our company vision at least is that
00:05:39
ah real world use cases cannot be addressed with a single privacy enhancing technology you need to put the
00:05:45
combination of books so you need to put the
00:05:48
combination of s. n. p. c. differential privacy ah uh
00:05:53
but the rated learning or ah ah even plus that execution environment so think about the
00:05:59
federated learning work will so it's very complex
00:06:04
from a security analysis perspective right so you've
00:06:07
got all these like ah private data sources
00:06:12
sage devices whatever your palate silence ah ah
00:06:16
so hard in all but the daycare is protected from the server the server receives updates
00:06:23
from from local mobile updates of local gradient updates from all of these devices so ah
00:06:30
it's it's very difficult to also so there are various attacks out there like model invention attacks
00:06:37
that could be essentially cover the local beat up each of
00:06:40
the local data sources so we need to talk about security regulation
00:06:44
how do you do security should use other pets
00:06:48
use other privacy preserving technologist like how marketing corruption
00:06:53
or secure multiparty computation you can also use the financial privacy
00:06:58
to to to protect global models when you communicate them back to
00:07:02
their to their ah the local plants so ah securing federated link
00:07:09
as simple as it might sound is an extremely picky question
00:07:15
and like you have to be very careful when you
00:07:18
ah even described or security models work work wine so
00:07:23
uh that is what you've got is so how does
00:07:25
it work impact this uh so we kept up the um
00:07:31
i'm not just portal on the left so this is where the data analyst with no knowledge of
00:07:36
triple a. p. sets it interacts via standard pipe
00:07:41
from o. s. t. p. ice so you writer
00:07:43
call in the same way is you would write the program ah ah you you would like the
00:07:49
problem cited where um or yeah not pounders they'd the planes on the stand up a. p. ice
00:07:56
then what you do is you sent the so this program gets compiled by ideas of
00:08:01
service and usually on the crowd hosted by
00:08:04
infrared so that our dot dot dot compiler
00:08:09
that doesn't see ah anything about private data you just
00:08:14
use the code compiles it then it has to be it
00:08:18
the uh the cold to the more people probably would be to silos where
00:08:22
you execute the computation interested that is all on the uh on the well
00:08:28
on the analyst pop so that's kind of fun and very high level
00:08:32
how you're going to orchestrate the course there's a lot of details here
00:08:37
probably when he orchestration hobbling sure that you
00:08:40
get on multiple computations how do you uh huh
00:08:44
so so so how do you orchestrate and even more complex work
00:08:48
for where you have to a local computations uh on each of
00:08:52
these um uh because i was how do you orchestrate the pretty
00:08:57
lady polemic approach where you may chip like millions of devices and pure
00:09:01
ah model can become very complex like uh the models that
00:09:06
were mentioned in in slots uh told before so a lot
00:09:10
but but but there's always that he leaned the details of the implementation of this this system so so if you can still
00:09:17
ah but on a very high level this is what this is what
00:09:21
we provide so far and basically the focus of the company is clearly around
00:09:28
and only takes machine learning can in a i that's what we know we know how to do well um so
00:09:35
let me tell you a little bit about ah on on on a very high level so
00:09:41
oh basically are i'll show you a particular use case in shelter at the end
00:09:47
of my talk about the art as i mentioned to you are you are so weak
00:09:55
first of all support so in this mobile we do support
00:09:59
capability computing and what does it mean that we support group
00:10:04
to be happy computing capability computing just a neat think who
00:10:08
secretly you turn on the lights based on mathematical arguments impure it's
00:10:15
uh that's working confidential compute think is anything that provide some crap works you
00:10:22
and some people out there are all che to use confidential computing
00:10:29
but for other applications especially government competition
00:10:33
computing is not enough so what what we
00:10:38
amen invasion to provide with that platform is in fact the capability
00:10:44
that if you have very strong mathematical security models at the same time
00:10:50
depending on your scale ability requirements and your security
00:10:55
requirements you should have the flexibility in the options
00:10:59
to deploy more highly scalable ah solution
00:11:04
right so well on the a big advantage here is that for most of these applications to
00:11:11
see one particular use case you don't have to move data your data can reside on premise
00:11:17
or it can be in the clock or you may collaborate on beta in the hybrid passions
00:11:23
some some of the data might be in the crowd some of the data might be imprints so
00:11:28
there are his ability is very important here isn't mentioned data scientists they
00:11:36
should not know all the details of triple reputation was this lab probation because
00:11:41
the security in the implementation but they should not our be able in any
00:11:47
way to explicitly interact with the security and set security parameters it's it so
00:11:54
that and and at the end of the day like the enterprise that that's very important
00:11:58
because obviously want to be able to deploy it automatically you want to be able to our
00:12:04
that support sufficiently many machine learning complex machine learning
00:12:08
corporations you need to get that type interfaces especially now
00:12:12
with or without ice of generative pay i ah you you you do shape
00:12:17
your you you do need very special ah a. p. i. is that could
00:12:22
easily support the work tools okay so what's important here to mention on legislation
00:12:28
perspective so that european data protection board
00:12:33
recommends some of these republican security uh
00:12:39
technologies for g. d. p. r. compliance specifically
00:12:44
and using an example with secure multiparty computation
00:12:48
so infrared is a company his being seven involved in
00:12:53
ah foundational work can fully from a marketing corruption as well
00:12:58
so i'll let you can see that already descriptive gothic
00:13:02
security ah technologist they are not in the sense huh
00:13:07
consider to be due to poor comply so some of the use cases which is which is
00:13:15
ah also topic but i would like to our budget on so
00:13:19
we should have ah obviously use cases in asset management would go
00:13:23
customers some of these use cases of public we which of them on
00:13:26
the blog post we can use cases in a advertisement technologist banking life
00:13:33
sciences manufacturing can semiconductors and government
00:13:38
so like what are the typical banking
00:13:41
cues cases for instance so on collaborative role models this was mentioned already
00:13:47
credit mobile link anti money laundering ah
00:13:50
use g. benchmarking played matching are within our
00:13:55
asset management now obviously so uh if you ever catch from or if you're an asset
00:14:02
manager you may want to bring some external
00:14:04
data to improve your forecasting models so off
00:14:09
the generation that was one of the use cases that we shared with c. p. p.
00:14:14
investment supply chain shop crossbow culpable your positions
00:14:19
so in manufacturing can semiconductor one major use
00:14:22
case predictive maintenance in you optimisation so you might
00:14:26
of our trip about the challenges of semiconductor
00:14:29
manufacturers were here to exchange data between there are
00:14:35
so so or if you're semiconductor manufacturer you ship obviously a lot of
00:14:40
trade secrets and then at the same time using machines that your sense of sweet sensitive data so the data
00:14:46
collaboration is very complex in this uh use cases in to the end of the day what you want to do
00:14:53
you are want to do defect detection in the process and
00:14:57
also make sure that you optimise your parameters of the system
00:15:01
so that you get the optimal e. so there are so
00:15:05
cool you optimisation problem so that's one of the problems that
00:15:09
we as a as a as a company can solve our
00:15:13
government of course intelligence community difference law enforcement unfortunately i can't
00:15:18
talk too much about these use cases due to their obvious
00:15:22
proprietary nature and last but not least we'll hear a lot
00:15:27
today about that that's life sciences like or a john lose going to talk later about that but uh
00:15:34
ah he awoke evidence clinical trials like developments dynamics
00:15:39
so i'm gonna show you one specific use case
00:15:42
right now which is are funded by one of the biggest
00:15:46
our european union projects you horizon pays for for a i
00:15:50
specifically focused on child care and that use cases in our collaboration which should
00:15:57
ah in was on and they're not specifically about how the border paper new imaging
00:16:04
well i'm so the use cases about a digital diagnosis of alzheimer's
00:16:10
disease early diagnosis of all time and there are two aspects of
00:16:15
it so the uh uh do the research group in shoe views
00:16:19
developed this uh software call based on a technique called statistical parametric mapping
00:16:26
so they get a lot of images from patients camera images and if you want
00:16:31
to do statistics on that the first task is to map them to a standard space
00:16:38
so that you can the statistical comparisons obviously you have to individuals the brains brain may just
00:16:44
very different the queries we need to do some mathematical transformation are there other use cases where essentially
00:16:52
you may have the same individuals but over time being on
00:16:55
that over time so these are the so called temporal images
00:17:00
so i'm not their techniques and r. transformations that allow you to produce a d. i. p. image uh
00:17:07
that first of all maps uh all of these images dimple standard space and then it but it it allows
00:17:14
for a statistics and then you can monitor over time
00:17:18
how the volume of certain parts of the brain involved
00:17:21
but i don't have the brain you both for example here on the uh you have like an quite ah
00:17:30
contrast on these derived images in they don't show you where they have like a violation of some of
00:17:37
their ah ah some of the different regions of the buttons in this case the the tentacles for that
00:17:43
mike either be due to page rank or it might be
00:17:47
due to uh some ah new would generate produces like the
00:17:51
men sure or ah alzheimer so you want to know statistically
00:17:56
like what what the schools in that village and that's exactly
00:18:01
the statistical analysis that you would need to do on these
00:18:03
images soul um from one perspective the first problem so the
00:18:09
two problems to solve here there is the biomedical research perspective
00:18:14
where you want to identify very perky to with the agents
00:18:17
of the brain that who's ah changes over time account to
00:18:24
put pension account for alzheimer and the second perspective is the
00:18:30
clinician perspective where you're building confederate a tool that can enable
00:18:36
you to a bit tech barely alzheimer based on these images
00:18:40
and potentially other clinical date so building these tools is the
00:18:45
goal of this are about you know in a collaborative harder
00:18:48
it pushes the goal of their ah you face for a