Prismo: A Decision Support System for Privacy-Preserving ML Framework Selection

Nges Brian Njungle, Eric Jahns, Luigi Mastromauro, Edwin P. Kayang, Milan Stojkov, Michel A. Kinsy

TL;DR

Prismo addresses the challenge of selecting appropriate privacy-preserving ML frameworks for varied deployment scenarios by treating framework choice as a multi-objective linear integer programming problem. It builds a quantitative, cross-technique catalog of 74 PPML frameworks, extracting ten core features and using an optimization engine to return tailored recommendations that balance security, privacy, performance, and usability. The system provides search, filtering, and two ranking modes (default and user-optimized), with framework pages and an open submission flow for continuous expansion. Evaluation on three use cases demonstrates Prismo's ability to identify best-fit frameworks consistent with published results, and the work offers an open-source resource with Dockerized examples to accelerate practical PPML adoption.

Abstract

Machine learning has become a crucial part of our lives, with applications spanning nearly every aspect of our daily activities. However, using personal information in machine learning applications has sparked significant security and privacy concerns about user data. To address these challenges, different privacy-preserving machine learning (PPML) frameworks have been developed to protect sensitive information in machine learning applications. These frameworks generally attempt to balance design trade-offs such as computational efficiency, communication overhead, security guarantees, and scalability. Despite the advancements, selecting the optimal framework and parameters for specific deployment scenarios remains a complex and critical challenge for privacy and security application developers. We present Prismo, an open-source recommendation system designed to aid in selecting optimal parameters and frameworks for different PPML application scenarios. Prismo enables users to explore a comprehensive space of PPML frameworks through various properties based on user-defined objectives. It supports automated filtering of suitable candidate frameworks by considering parameters such as the number of parties in multi-party computation or federated learning and computation cost constraints in homomorphic encryption. Prismo models every use case into a Linear Integer Programming optimization problem, ensuring tailored solutions are recommended for each scenario. We evaluate Prismo's effectiveness through multiple use cases, demonstrating its ability to deliver best-fit solutions in different deployment scenarios.
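The selection step described in the abstract, as an added sketch that is not Prismo's own code: hard constraints (party count, computation budget, allowed techniques) filter the catalog, then a 0/1 integer program picks the framework with the highest weighted score. The catalog entries, score values, field names, and the functions `feasible`, `rank`, and `recommend` are all constructed assumptions.

```python
from dataclasses import dataclass

OBJECTIVES = ("security", "privacy", "performance", "usability")

@dataclass(frozen=True)
class Framework:
    name: str         # constructed placeholder, not a real catalog entry
    technique: str    # "MPC", "FL", "FHE", ...
    max_parties: int  # largest party count supported
    cost: int         # relative computation cost (integer units)
    scores: tuple     # integer 0-10 scores, ordered as OBJECTIVES

# Constructed sample catalog; all values are illustrative assumptions.
CATALOG = [
    Framework("fw-mpc-a", "MPC", 3, 6, (8, 8, 5, 4)),
    Framework("fw-mpc-b", "MPC", 2, 4, (9, 9, 7, 3)),
    Framework("fw-fl-a", "FL", 100, 3, (5, 6, 8, 9)),
    Framework("fw-fhe-a", "FHE", 2, 9, (9, 10, 2, 5)),
]

def feasible(fw, parties, max_cost, techniques=None):
    """Hard constraints: these must hold no matter how objectives are weighted."""
    if techniques is not None and fw.technique not in techniques:
        return False
    return fw.max_parties >= parties and fw.cost <= max_cost

def rank(catalog, parties, max_cost, weights=None, techniques=None):
    """Solve: max sum_i x_i * (w . s_i)  s.t.  sum_i x_i = 1, x_i in {0, 1},
    and x_i = 0 for every framework violating a hard constraint.
    With exactly one x_i set, enumerating feasible candidates is exact.
    weights=None is the default mode (equal weights); otherwise user-optimized.
    """
    w = weights or {o: 1 for o in OBJECTIVES}
    if any(v < 0 for v in w.values()):
        raise ValueError("weights must be non-negative integers")
    ranked = []
    for fw in catalog:
        if feasible(fw, parties, max_cost, techniques):
            value = sum(w.get(o, 0) * s for o, s in zip(OBJECTIVES, fw.scores))
            ranked.append((value, fw.name))
    # Highest objective first; name breaks ties so the result is deterministic.
    return sorted(ranked, key=lambda r: (-r[0], r[1]))

def recommend(catalog, parties, max_cost, weights=None, techniques=None):
    """Best-fit framework name, or None when no candidate is feasible."""
    ranked = rank(catalog, parties, max_cost, weights, techniques)
    return ranked[0][1] if ranked else None
```

Keeping party count and cost as constraints rather than weighted terms means a high usability or performance score can never pull an infeasible framework into the result.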

Paper Structure

This paper contains 25 sections, 10 equations, 16 figures, 5 tables, 1 algorithm.

Figures (16)

  • Figure 1: Demonstration of centralized federated learning. Parties send locally trained weights to the centralized server, which aggregates them and returns the updates to the parties.
  • Figure 2: Demonstration of differential privacy. The user adds differentially private noise through a sampling process. The obfuscated data is then used for model training or inference.
  • Figure 3: Demonstration of a trusted execution environment. Data is encrypted using symmetric cryptography and transferred to the TEE, where it is decrypted and run through the model; the results are re-encrypted and sent back to the user.
  • Figure 4: Demonstration of a PPML inference using MPC. Two parties generate secret shares of their data and model and compute the desired functions over several communication rounds, where they exchange data and perform joint computations.
  • Figure 5: Demonstration of FHE. An FHE model and encrypted weights are placed in the cloud. Clients send encrypted data, on which inference is then performed. Results are returned to the client, who decrypts them using their private key.
  • ...and 11 more figures