
arxiv: 2109.10870 · v1 · pith:52GYSW6Unew · submitted 2021-09-20 · 💻 cs.CR · cs.LG · cs.SE

SoK: Machine Learning Governance

keywords: systems, principals, system, benefits, cycle, failures, governance, highlight

The application of machine learning (ML) in computer systems introduces not only many benefits but also risks to society. In this paper, we develop the concept of ML governance to balance such benefits and risks, with the aim of achieving responsible applications of ML. Our approach first systematizes research towards ascertaining ownership of data and models, thus fostering a notion of identity specific to ML systems. Building on this foundation, we use identities to hold principals accountable for failures of ML systems through both attribution and auditing. To increase trust in ML systems, we then survey techniques for developing assurance, i.e., confidence that the system meets its security requirements and does not exhibit certain known failures. This leads us to highlight the need for techniques that allow a model owner to manage the life cycle of their system, e.g., to patch or retire their ML system. Put altogether, our systematization of knowledge standardizes the interactions between principals involved in the deployment of ML throughout its life cycle. We highlight opportunities for future work, e.g., to formalize the resulting game between ML principals.


Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. A2-DIDM: Privacy-preserving Accumulator-enabled Auditing for Distributed Identity of DNN Model

    cs.CR 2024-05 unverdicted novelty 5.0

    A2-DIDM uses accumulators and ZK proofs on blockchain to verify DNN model identity from weight checkpoint sequences while protecting data and function privacy.