IEEE 2986-2023
This document provides recommended practices related to privacy and security for FML, including security and privacy principles, defense mechanisms against non-malicious failures, and examples of adversarial attacks on an FML system. This document also defines an assessment framework to determine the effectiveness of a given defense mechanism under various settings. Data privacy and security are highly complex and increasingly regulated areas of law, and no recommended practice can provide unconditional consistency with all applicable laws and regulations, which may also vary at the local, state, and regional level. Users of this document should evaluate any implementation for considerations of data privacy, security, and data ownership in the context of FML, and are responsible for conformance with all such laws and regulations.
The purpose of this recommended practice is to provide a resource on the topics of security and privacy for designers and users of FML systems and to accelerate the deployment of FML technology across industries.
New IEEE Standard – Active. Privacy and security issues pose great challenges to the federated machine learning (FML) community. A general view of privacy and security risks, while meeting applicable privacy and security requirements in FML, is provided. This recommended practice is provided in four parts: malicious failure and non-malicious failure in FML, privacy and security requirements from the perspective of the system and of FML participants, defensive methods and fault recovery methods, and the evaluation of privacy and security risks. It also provides guidance for typical FML scenarios in different industry areas, which can help practitioners use FML more effectively.