- Deep dive on TFF/OpenMined integration and logical partitioning, presented by Teo Milea
- Questions:
- Who audits whether a computation on the domain server is OK.
- Several mechanism being considered.
- On one end of the spectrum, we expect to support manual auditing and approval of submitted requests by the data owner.
- On the other end of the spectrum, we aim to automated the process, e.g, by requiring DP, introducing privacy budget (max epsilon, delta), static analysis of model code to check for presence of filesystems ops, etc.
- Boundary between TFF and PySyft and what’s new in PySyTFF,
architecturally
- Pointer to architectural diagram on slides 28-33 in this deck from July 21
- TFF’s federated DSL and runtime abstractions are not the only part of the service that must run in a trusted space
- Other logic that must run in trusted space, outside the control of the user includes code that constructs TFF computations, decides on the use of mechanisms such as DP, determines privacy budget, performs policy checks, drives the training loop, and decides on the release of individual artifacts (such as trained models or metrics)
- PySyTFF is one example of how such logic can be layered on top of the TFF’s DSL and runtime, as a PySyft domain node service
- We recommend other systems based on TFF to follow the same pattern
- Who audits whether a computation on the domain server is OK.
- Conversations to continue on Discord