
Secure your Machine Learning Pipeline

ML applications are disrupting the familiar Big Data analytics pipeline. Data needs to be cleaned, labeled, feature engineered, and layered properly for the machine learning model at hand. The data also needs to be segmented into training, validation, and iterative sub-segment sets, along with other curation of model-related data-sets. To accomplish this, data scientists need a well-orchestrated software environment, with tools, storage, applications and numerous dependencies attached to the workflow. Today, this environment typically runs on CPU machines with different resources, dimensioned across compute, memory, and storage depending on the load. As the data-set is typically a unique and secure asset of the organization, it must conform to strict security policies, sometimes enforced by governance and regulation. To sum up, the data scientist’s environment is well secured and includes a highly tuned set of applications and a data/storage structure.

To accelerate the ML development pipeline, many organizations have committed to deploying GPU servers, which deliver substantial performance enhancement for deep learning models. Those GPU servers (sometimes referred to as ‘super computers’) are deployed with specific software eco-systems, and are typically placed in organization locations where they can serve multiple groups and teams. It is not uncommon to see a GPU server outside the secured perimeter zone of the project-focused data scientist team, ML engineering, researchers, etc. When users would like to experiment with the GPU servers, they need to move their complete environment and data from the familiar (and secured) CPU hosts to a GPU server. This resource- and time-consuming effort is not only wasteful, but at times cannot be done, as the application and data migration may cut through strict security boundaries and privileged data access.

The data-set, which in many industries is very sensitive, cannot simply be ‘copied’ to a foreign hardware entity and storage (GPU servers). Cutting across organization domains may not be possible. As many users would like to experiment with unique GPU servers, the situation can be further aggravated when multiple users and their privileged data-sets are placed on the same AI server and share one common hardware layer: the GPU server (with attached storage). In many cases this will not be permitted by the security policies of the organization. There is a brute-force way to solve this problem: purchasing GPU servers (and many of them) for each project and department, and making sure that each is upgraded with the latest hardware and software. It is easy to envision the waste that such a plan would create, as it offers no ability to share resources without breaking security boundaries.

Bitfusion and VMware have solved this problem. With remote GPUs attached to the workspace of the data scientist, the data-set never leaves the secure zone of the project (neither the storage nor the application). Security boundaries are not breached, and the data scientist is free to run the models on the local CPU or with remote GPUs. Instead of moving the data and application to the destination GPU hardware, Bitfusion attaches the remote GPU hardware to the local software environment (i.e. virtualizing the hardware).

Looking forward, with the expectation that a variety of GPU servers will be deployed (different GPU types, GPU density, etc.), migrating data and applications to many new and different hardware-specific servers opens the way to multiple potential security breaches. It is much more secure to make sure that the data stays in the native and secured CPU server environment, and is only sent across the network to the specific destination GPU server in a non-persistent batch format (uncoordinated shards of data that cannot be reconstructed into meaningful data-sets).

Secure your ML environment, and gain the accelerated compute productivity boost without compromising security – now possible with VMware and Bitfusion AI remote attached technology.

Questions or comments? Contact us at askbitfusion@vmware.com
