Support for the exclusion/inclusion of specific data types to be passed through the network. #1429
Conversation
yuliasherman
requested review from
MasterSkepticista,
kminhta,
psfoley and
teoparvanov
as code owners
yuliasherman
force-pushed
the
control_data
branch
from
40155cd to
758496b
Compare
yuliasherman
changed the title
yuliasherman
force-pushed
the
control_data
branch
2 times, most recently
from
8e9ad03 to
78eea6e
Compare
yuliasherman
changed the title
yuliasherman
force-pushed
the
control_data
branch
from
78eea6e to
39ad0a3
Compare
yuliasherman
force-pushed
the
control_data
branch
from
39ad0a3 to
29df05b
Compare
yuliasherman
requested review from
theakshaypant,
noopurintel,
payalcha,
rajithkrishnegowda,
ishaileshpant,
tanwarsh,
aayushgaintel,
gbikkiintel,
srikanthenugul and
pasokan-intel
as code owners
yuliasherman
force-pushed
the
control_data
branch
2 times, most recently
from
9f3a772 to
647db0b
Compare
|
Please rebase you PR. |
yuliasherman
force-pushed
the
control_data
branch
from
647db0b to
08b2692
Compare
yuliasherman
force-pushed
the
control_data
branch
from
08b2692 to
97cad5e
Compare
yuliasherman
force-pushed
the
control_data
branch
2 times, most recently
from
d33b0f9 to
39d337c
Compare
yuliasherman
force-pushed
the
control_data
branch
from
39d337c to
8f8d7b5
Compare
yuliasherman
changed the title
There was a problem hiding this comment.
For the FederatedRuntime, how does the Aggregator become aware of the allowed or prohibited data types configured in the Jupyter Notebook, especially in a distributed infrastructure setup?
Also, have these scenarios been tested on a distributed infrastructure?
prohibited_data_types and allowed_data_types are class attributes of the Runtime class. These attributes are configured in the aggregator code and can be reviewed in the PR. The scenario has been tested with both Local and Federated runtimes. The FederatedRuntime test is expected to behave equivalently to the distributed setup. |
.../experimental/workflow/FederatedRuntime/101_MNIST/workspace/101_MNIST_FederatedRuntime.ipynb
Outdated
Show resolved
Hide resolved
.../experimental/workflow/FederatedRuntime/101_MNIST/workspace/101_MNIST_FederatedRuntime.ipynb
Show resolved
Hide resolved
yuliasherman
force-pushed
the
control_data
branch
from
8f8d7b5 to
d98b174
Compare
yuliasherman
force-pushed
the
control_data
branch
from
d98b174 to
0b92074
Compare
There was a problem hiding this comment.
Thanks @yuliasherman, I think this approach would functionally work - although I'd prefer an object-oriented implementation of the allow/prohibit lists (if at all possible).
Here are some additional thoughts and comments:
.../experimental/workflow/FederatedRuntime/101_MNIST/workspace/101_MNIST_FederatedRuntime.ipynb
Show resolved
Hide resolved
.../experimental/workflow/FederatedRuntime/101_MNIST/workspace/101_MNIST_FederatedRuntime.ipynb
Outdated
Show resolved
Hide resolved
Signed-off-by: yuliasherman <[email protected]>
yuliasherman
force-pushed
the
control_data
branch
from
0b92074 to
69c7f39
Compare
There was a problem hiding this comment.
Approving this PR, as this seems like the best currently known approach to including/excluding "next" function parameter types. This is likely the solution that will go into 1.9, but I suggest not merging it until the alternative approach has been fully considered.
PS: In parallel, we are exploring a solution where the allow/prohibit lists become Runtime instance variables, and are passed around via the plan.yaml. This method is conceptually cleaner, but it may be hindered by the limitations of the runtime object itself (esp. from the collaborator side).
Summary
The Workflow API allows object code to be sent today - in part because we want the Workflow API to be more flexible and give model owners / workflow definers the ability to do things outside of horizontal federated learning. But there should be a way to configure a Workflow (at the Runtime level) that ensures that unwanted data types could not be sent. The benefit of this is that when we eventually implement the
SecureFederatedRuntime, we can attest OpenFL code to ensure that malicious code can not be sent during execution.Type of Change (Mandatory)
Security improvement
Description (Mandatory)
Allow a system to be configured in a way that prohibits/allows passing arguments of chosen types through the FLSpec 'next' function. The new parameters are defined as a Runtime class attributes to be able injecting them into the aggregator object from which the runtime object is not available.
Testing
Manual
Additional Information
The mechanism to terminate a failed experiment in a clean way while using FederatedRuntime yet to be developed.