{"id":"https://openalex.org/W4403344215","doi":"https://doi.org/10.48550/arxiv.2410.05930","title":"Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud","display_name":"Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud","publication_year":2024,"publication_date":"2024-10-08","ids":{"openalex":"https://openalex.org/W4403344215","doi":"https://doi.org/10.48550/arxiv.2410.05930"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2410.05930","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2410.05930","pdf_url":"https://arxiv.org/pdf/2410.05930","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2410.05930","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001468122","display_name":"Marcin Chrapek","orcid":"https://orcid.org/0009-0009-7654-6038"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Chrapek, Marcin","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070365933","display_name":"Anjo Vahldiek-Oberwagner","orcid":"https://orcid.org/0000-0002-6983-0630"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Vahldiek-Oberwagner, Anjo","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034356220","display_name":"Marcin Spoczynski","orcid":"https://orcid.org/0000-0001-9169-7066"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Spoczynski, Marcin","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004146268","display_name":"Scott Constable","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Constable, Scott","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090620720","display_name":"Mona Vij","orcid":"https://orcid.org/0000-0002-5309-0391"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Vij, Mona","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5026990786","display_name":"Torsten Hoefler","orcid":"https://orcid.org/0000-0002-1333-9797"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hoefler, Torsten","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5001468122"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.965399980545044,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.942799985408783,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/foundation","display_name":"Foundation (evidence)","score":0.9037685394287109},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.7819416522979736},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6807258725166321},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.49584779143333435},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.48082029819488525},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.44721531867980957},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.1889263391494751},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.11143085360527039}],"concepts":[{"id":"https://openalex.org/C2780966255","wikidata":"https://www.wikidata.org/wiki/Q5474306","display_name":"Foundation (evidence)","level":2,"score":0.9037685394287109},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.7819416522979736},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6807258725166321},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.49584779143333435},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.48082029819488525},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.44721531867980957},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.1889263391494751},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.11143085360527039},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2410.05930","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2410.05930","pdf_url":"https://arxiv.org/pdf/2410.05930","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2410.05930","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2410.05930","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2410.05930","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2410.05930","pdf_url":"https://arxiv.org/pdf/2410.05930","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320307102","display_name":"Intel Corporation","ror":"https://ror.org/01ek73717"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4403344215.pdf","grobid_xml":"https://content.openalex.org/works/W4403344215.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2931996793","https://openalex.org/W4205234238","https://openalex.org/W3148880067","https://openalex.org/W2788934790","https://openalex.org/W3167767780","https://openalex.org/W1988660452","https://openalex.org/W3043682580","https://openalex.org/W2941559775","https://openalex.org/W3142266060","https://openalex.org/W4401658540"],"abstract_inverted_index":{"Foundation":[0],"Models":[1],"(FMs)":[2],"display":[3],"exceptional":[4],"performance":[5],"in":[6],"tasks":[7],"such":[8,91],"as":[9,92],"natural":[10],"language":[11],"processing":[12],"and":[13,52,78,82,95,113,133,141,150],"are":[14,31],"being":[15],"applied":[16],"across":[17],"a":[18,118],"growing":[19],"range":[20],"of":[21,58,84,167],"disciplines.":[22],"Although":[23],"typically":[24],"trained":[25],"on":[26,43],"large":[27],"public":[28],"datasets,":[29],"FMs":[30,64],"often":[32],"fine-tuned":[33],"or":[34],"integrated":[35],"into":[36],"Retrieval-Augmented":[37],"Generation":[38],"(RAG)":[39],"systems,":[40],"which":[41],"rely":[42],"private":[44],"data.":[45],"This":[46],"access,":[47],"along":[48],"with":[49],"their":[50],"size":[51],"costly":[53],"training,":[54],"heightens":[55],"the":[56,74,80,129,161,165],"risk":[57],"intellectual":[59],"property":[60],"theft.":[61],"Moreover,":[62],"multimodal":[63],"may":[65],"expose":[66],"sensitive":[67],"information.":[68],"In":[69],"this":[70],"work,":[71],"we":[72,116],"examine":[73],"FM":[75],"threat":[76],"model":[77],"discuss":[79],"practicality":[81,166],"comprehensiveness":[83],"various":[85],"approaches":[86],"for":[87,128,169],"securing":[88,170],"against":[89],"them,":[90],"ML-based":[93],"methods":[94],"trusted":[96],"execution":[97],"environments":[98],"(TEEs).":[99],"We":[100,144],"demonstrate":[101],"that":[102],"TEEs":[103,168],"offer":[104],"an":[105],"effective":[106],"balance":[107],"between":[108],"strong":[109],"security":[110],"properties,":[111],"usability,":[112],"performance.":[114],"Specifically,":[115],"present":[117],"solution":[119],"achieving":[120],"less":[121],"than":[122],"10\\%":[123],"overhead":[124],"versus":[125],"bare":[126],"metal":[127],"full":[130],"Llama2":[131],"7B":[132],"13B":[134],"inference":[135],"pipelines":[136],"running":[137],"inside":[138],"\\intel\\":[139,142],"SGX":[140],"TDX.":[143],"also":[145],"share":[146],"our":[147,153,156,158],"configuration":[148],"files":[149],"insights":[151],"from":[152],"implementation.":[154],"To":[155],"knowledge,":[157],"work":[159],"is":[160],"first":[162],"to":[163],"show":[164],"FMs.":[171]},"counts_by_year":[],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}