Abstract: A method of selecting data for privacy preserving machine learning comprises: storing training data from a first party, storing a machine learning model, and storing criteria from the first party or from another party. The method comprises filtering the training data to select a first part of the training data to be used to train the machine learning model and select a second part of the training data. The selecting is done by computing a measure, using the criteria, of the contribution of the data to the performance of the machine learning model.

Abstract: A method of selecting data for privacy preserving machine learning comprises: storing training data from a first party, storing a machine learning model, and storing criteria from the first party or from another party. The method comprises filtering the training data to select a first part of the training data to be used to train the machine learning model and select a second part of the training data. The selecting is done by computing a measure, using the criteria, of the contribution of the data to the performance of the machine learning model.

Abstract: This document relates to hardware protection of differential privacy techniques. One example obtains multiple instances of encrypted telemetry data within a secure enclave and processes the encrypted telemetry data to obtain multiple instances of unencrypted telemetry data. The example also processes, within the secure enclave, the multiple instances of unencrypted telemetry data to obtain a perturbed aggregate. The example also releases the perturbed aggregate from the secure enclave.

Abstract: A method of selecting data for privacy preserving machine learning comprises: storing training data from a first party, storing a machine learning model, and storing criteria from the first party or from another party. The method comprises filtering the training data to select a first part of the training data to be used to train the machine learning model and select a second part of the training data. The selecting is done by computing a measure, using the criteria, of the contribution of the data to the performance of the machine learning model.

Abstract: In various examples a compute node is described. The compute node has a central processing unit which implements a hardware transactional memory using at least one cache of the central processing unit. The compute node has a memory in communication with the central processing unit, the memory storing information comprising at least one of: code and data. The compute node has a processor which loads at least part of the information, from the memory into the cache. The processor executes transactions using the hardware transactional memory and at least the loaded information, such that the processor ensures that the loaded information remains in the cache until completion of the execution.

Abstract: This document relates to hardware protection of differential privacy techniques. One example obtains multiple instances of encrypted telemetry data within a secure enclave and processes the encrypted telemetry data to obtain multiple instances of unencrypted telemetry data. The example also processes, within the secure enclave, the multiple instances of unencrypted telemetry data to obtain a perturbed aggregate. The example also releases the perturbed aggregate from the secure enclave.

Abstract: In various examples a compute node is described. The compute node has a central processing unit which implements a hardware transactional memory using at least one cache of the central processing unit. The compute node has a memory in communication with the central processing unit, the memory storing information comprising at least one of: code and data. The compute node has a processor which loads at least part of the information, from the memory into the cache. The processor executes transactions using the hardware transactional memory and at least the loaded information, such that the processor ensures that the loaded information remains in the cache until completion of the execution.

Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.

Abstract: A multi-party privacy-preserving machine learning system is described which has a trusted execution environment comprising at least one protected memory region. An code loader at the system loads machine learning code, received from at least one of the parties, into the protected memory region. A data uploader uploads confidential data, received from at least one of the parties, to the protected memory region. The trusted execution environment executes the machine learning code using at least one data-oblivious procedure to process the confidential data and returns the result to at least one of the parties, where a data-oblivious procedure is a process where any patterns of memory accesses, patterns of disk accesses and patterns of network accesses are such that the confidential data cannot be predicted from the patterns.

Abstract: A data center has a plurality of secure processing units; a plurality of data stores holding encrypted data records; and a network connecting the secure processing units and the data stores. The secure processing units comprise computing functionality configured to execute a data processing operation in parallel on the secure processing units by being configured to read encrypted records from the stores, process one or more of the encrypted records within the secure processing units, send one or more of the encrypted records to the stores. The data center is configured to carry out a secret shuffle of the data records to protect the privacy of data processed in the data center from an observer observing any one or more of: the reading of the records, the sending of the records, the writing of the records; the secret shuffle comprising a random permutation of the records hidden from the observer.

Abstract: An improved search engine technique allows a user to ensure that an untrusted search engine provides complete and correct search results without requiring large proofs for large data collections. Thus techniques are presented for a trusted crawler to index a distributed collection of documents and create an authenticated search structure that allows an untrusted search server to return reliably complete and correct search results.