Model Confidentiality in AI-as-a-Service: Challenges and Cryptographic Solutions
摘要
With the widespread adoption of AI-as-a-Service (AIaaS), enterprises increasingly rely on cloud platforms to deploy and access powerful machine learning models. This shift offers scalability and cost-efficiency but also introduces significant security and privacy concerns. Protecting the confidentiality of AI models and user data has become a critical requirement in this outsourced computing paradigm. However, AIaaS platforms face numerous threats, including model inversion, membership inference, extraction attacks, and data poisoning. Traditional security mechanisms are insufficient to address the unique confidentiality risks associated with remote AI model hosting and inference. Furthermore, balancing performance, privacy, and deployment feasibility remains a core challenge. This paper proposes a comprehensive confidentiality-focused architecture for AIaaS, integrating multiple cryptographic techniques and secure hardware layers. The design leverages Homomorphic Encryption, Secure Multiparty Computation, Trusted Execution Environments, and Federated Learning with Secure Aggregation, supported by a centralized Management & Compliance layer. Threat vectors are explicitly addressed across client, cloud, and edge layers, while performance and auditability are maintained. In conclusion, our architecture provides a layered and resilient defense against modern AI threats while maintaining functionality and scalability. It offers a blueprint for deploying privacy-preserving AIaaS infrastructures. Future work will focus on optimizing hybrid models and advancing quantum-resistant protections.