diff --git a/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.0_introduction/introduction.ipynb b/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.0_introduction/introduction.ipynb index 74f5ea51f0..68c10ee5e2 100644 --- a/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.0_introduction/introduction.ipynb +++ b/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.0_introduction/introduction.ipynb 
@@ -8,7 +8,69 @@ "# Security in NVIDIA FLARE Federated Computing Systems \n", "\n", "\n", - "A Federated Computing System requires robust security mechanisms to ensure that only legitimate and trusted participants can contribute, while also protecting communication channels and enforcing authorization policies. Below are the critical security components of an FL system:\n", + "### Critical Security Concerns in Federated Learning System\n", + "\n", + "#### Data Privacy\n", + "* Model inversion attacks (reconstructing training data from model parameters)\n", + "* Membership inference attacks (determining if specific data was used in training)\n", + "* Property inference attacks (learning properties about training data)\n", + "* Gradient leakage during parameter sharing\n", + "\n", + "#### System Security\n", + "* Authentication of participants\n", + "* Man-in-the-middle attacks\n", + "* Sybil attacks (malicious entities creating multiple fake identities)\n", + "* Denial of Service (DoS) attacks\n", + "* Network security during model/gradient transmission\n", + "\n", + "#### Model Security\n", + "* Model poisoning attacks\n", + "* Backdoor attacks\n", + "* Model stealing/extraction\n", + "* Adversarial attacks on the trained model\n", + "\n", + "#### Participant Privacy\n", + "* Protection of participant identities\n", + "* Confidentiality of participation in the FL system\n", + "* Protection of organizational intellectual property\n", + "\n", + "#### Computation Integrity\n", + "* Verification of correct computation by participants\n", + "* Detection of malicious or faulty updates\n", + "* Ensuring honest execution of the FL protocol\n", + "\n", + "#### Access Control\n", + "* Role-based access control\n", + "* Resource usage control\n", + "* Model access permissions\n", + "* Data access restrictions\n", + "\n", + "#### Regulatory Compliance\n", + "* Adherence to data protection regulations (GDPR, HIPAA, etc.)\n", + "* Cross-border data governance\n", + "* Audit 
trails and accountability\n", + "\n", + "#### Infrastructure Security\n", + "* Edge device security\n", + "* Server security\n", + "* Communication channel security\n", + "* Storage security for model checkpoints\n", + "\n", + "#### Trust Management\n", + "* Reputation systems for participants\n", + "* Trust establishment between parties\n", + "* Verification of participant legitimacy\n", + "\n", + "#### Aggregation Security\n", + "* Secure aggregation protocols\n", + "* Protection against colluding participants\n", + "* Byzantine-robust aggregation\n", + "\n", + "----------\n", + "\n", + "### Security Mechanisms in Federated Learning System\n", + "\n", + "A Federated Computing System requires robust security mechanisms to ensure that only legitimate and trusted participants can contribute, while also protecting communication channels and enforcing authorization policies. Below are the critical security components of an Federated Learning system:\n", "\n", "\n", "* **Authentication**\n", diff --git a/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.4_communication_security/communication_security.ipynb b/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.4_communication_security/communication_security.ipynb index 7633df4611..764af21639 100644 --- a/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.4_communication_security/communication_security.ipynb +++ b/examples/tutorials/self-paced-training/part-3_security_and_privacy/chapter-6_Security_in_federated_compute_system/06.4_communication_security/communication_security.ipynb 
@@ -43,13 +43,13 @@ "The Provision system now allows you to specify connection security explicitly for each site. \n", "\n", "\n", - "TLS\n", + "**TLS**\n", "\n", "This is normal TLS (i.e. 1-way SSL). While client certificates are not required for establishing the connection, a Root Certificate is required to validate the server. You can provide a custom root cert for validating the server (usually the endpoint that represents the server, and the server is actually behind that endpoint). If you do not provide a custom root certificate, the root cert generated by the Provision tool will be used.\n", "\n", "\n", "\n", - "mTLS\n", + "**mTLS**\n", "\n", "\n", "This is mutual TLS (i.e. 2-way SSL). PKI credentials in the startup kits will be used for client/server connections.\n", @@ -62,7 +62,7 @@ "So both sites using TLS doesn't mean mTLS. In fact, both sites must use the same mode (mTLS or TLS) at the same time.\n", "\n", "\n", - "Clear\n", + "**Clear**\n", "\n", "\n", "Messages are not encrypted, and this is usually used when the server is deployed behind a proxy, and the communication between the proxy and the server is in clear text.\n", diff --git a/examples/tutorials/self-paced-training/part-3_security_and_privacy/part-3_introduction.ipynb b/examples/tutorials/self-paced-training/part-3_security_and_privacy/part-3_introduction.ipynb index ca7c151d09..9699c1e63f 100644 --- a/examples/tutorials/self-paced-training/part-3_security_and_privacy/part-3_introduction.ipynb +++ b/examples/tutorials/self-paced-training/part-3_security_and_privacy/part-3_introduction.ipynb 
@@ -150,7 +150,7 @@ "#### **3.4.2 Federated Auditing and Verifiable Training** \n", "- Verifies whether clients follow protocol and do not inject poisoned updates. \n", "\n", - "#### **TEE-Based Trust Management in Federated Learning**\n", + "#### **3.4.3 Trusted Execution Environment (TEE) based Trust Management in Federated Learning**\n", "- TEE is a secure VM or process that isolates sensitive computations from the rest of the system. It provides:\n", "* Confidentiality: Prevents unauthorized access to sensitive data.\n", "* Integrity: Ensures code and data within the TEE cannot be tampered with.\n",
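Review bot: in the introduction.ipynb hunk (@@ -8,7 +8,69 @@), the rewritten closing sentence reads "the critical security components of an Federated Learning system"; it should be "a Federated Learning system". The same hunk also mixes terms: the new headings say "Federated Learning System" while the retained paragraph says "A Federated Computing System" and the notebook title says "Federated Computing Systems"; pick one. Since the concerns list and the mechanisms list are otherwise unconnected, a one-line bridge under "### Security Mechanisms in Federated Learning System" saying which concerns each mechanism addresses (e.g. Authentication against Sybil attacks and unverified participants; channel security against man-in-the-middle) would help the reader, and the near-duplicate bullets "Network security during model/gradient transmission" (System Security) and "Communication channel security" (Infrastructure Security) could be merged.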
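Review bot: in the communication_security.ipynb hunk (@@ -43,13 +43,13 @@), "TLS" and "mTLS" are the values of the per-site connection-security setting the preceding sentence refers to, so a consistent heading level (the other notebooks in this PR use "####") or inline code for the setting value would read better than bold. While these lines are being touched, "normal TLS (i.e. 1-way SSL)" would be more precise as "one-way TLS (server authenticated only)": SSL is the deprecated predecessor and the text describes TLS.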
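Review bot: in the second communication_security.ipynb hunk (@@ -62,7 +62,7 @@), the context line "So both sites using TLS doesn't mean mTLS" is untouched but sits next to the edited "**Clear**" line; it should read "Both sites using TLS does not mean mTLS." The "**Clear**" description should also state explicitly that unencrypted messages are only acceptable when the proxy terminates TLS and the proxy-to-server hop stays inside a trusted network boundary; as written, a reader could select it without any transport encryption on that hop.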
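Review bot: in the part-3_introduction.ipynb hunk (@@ -150,7 +150,7 @@), the new heading should hyphenate the compound modifier, "Trusted Execution Environment (TEE)-based Trust Management", and the list below it mixes markers ("- TEE is a secure VM or process ..." followed by "* Confidentiality: ..."); use one marker, or indent the "*" items if they are sub-bullets of the "-" item. "a secure VM or process" is also loose: a TEE is a hardware-isolated execution environment (a confidential VM or an enclave), which is what the Confidentiality and Integrity bullets rely on.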