Confidential Computing across Edge-to-Cloud for Machine Learning: A Survey Study

TL;DR

This survey reviews the landscape of confidential computing technologies like trusted execution environments and homomorphic encryption, emphasizing their role in secure edge-to-cloud machine learning applications and highlighting areas needing further research.

Contribution

It provides a comprehensive taxonomy of confidential computing solutions and discusses their applications in machine learning, identifying gaps and future research directions.

Findings

Significant progress in hardware and software security solutions.

Existing trusted execution environments have vulnerabilities needing attention.

The survey highlights unexplored areas for enhancing confidentiality in distributed computing.

Abstract

Confidential computing has gained prominence due to the escalating volume of data-driven applications (e.g., machine learning and big data) and the acute desire for secure processing of sensitive data, particularly, across distributed environments, such as edge-to-cloud continuum. Provided that the works accomplished in this emerging area are scattered across various research fields, this paper aims at surveying the fundamental concepts, and cutting-edge software and hardware solutions developed for confidential computing using trusted execution environments, homomorphic encryption, and secure enclaves. We underscore the significance of building trust in both hardware and software levels and delve into their applications particularly for machine learning (ML) applications. While substantial progress has been made, there are some barely-explored areas that need extra attention from the researchers and practitioners in the community to improve confidentiality aspects, develop more robust attestation mechanisms, and to address vulnerabilities of the existing trusted execution environments. Providing a comprehensive taxonomy of the confidential computing landscape, this survey enables researchers to advance this field to ultimately ensure the secure processing of users' sensitive data across a multitude of applications and computing tiers.