AIShield’s AI Model Security and Fortanix’s Confidential Computing for AWS Ecosystem

Amit Phadke and Richard Searle
Published: Jan 5, 2023
AI’s direct impact on people has raised many questions about privacy, security, data governance, trust, and legality. So, it becomes imperative for some critical domains like healthcare, banking, and automotive to adopt the principles of responsible AI. By doing that, businesses can scale up their AI adoption to capture business benefits, while maintaining user trust and confidence.

By leveraging technologies from Fortanix and AIShield, enterprises can be assured that their data stays protected and their model is securely executed. The combined technology ensures that data and AI model protection is enforced at runtime against advanced adversarial threat actors.

Fortanix and AIShield are both available on the AWS marketplace and provide support for AWS Nitro Enclaves. Enterprises using AWS can more easily preserve privacy, securely process sensitive data, and ensure AI model security with AWS Nitro Enclaves using Fortanix’s Confidential AI and AIShield’s AI Model Security solutions.

Fortanix’s Confidential AI and support for AWS Nitro Enclaves

As a leader in the development and deployment of Confidential Computing technology, Fortanix® takes a data-first approach to the data and applications used within today’s complex AI systems. Confidential Computing protects data in use within a protected memory region, referred to as a trusted execution environment (TEE).

This capability, combined with traditional data encryption and secure communication protocols, enables AI workloads to be protected at rest, in motion, and in use — even on untrusted computing infrastructure, such as the public cloud.

Fortanix customers can use AWS Nitro Enclaves to create isolated computing environments to further protect their confidential workloads running on a wide range of Amazon Elastic Compute Cloud (Amazon EC2) instances, without having to make any modifications.

Enterprises can more easily preserve privacy and securely process sensitive data and applications within AWS Nitro Enclaves using Fortanix Data Security Manager and Fortanix Confidential Computing Manager.

Models are deployed using a TEE, referred to as a “secure enclave” in the case of AWS Nitro Enclaves, with an auditable transaction report provided to users on completion of the AI workload. This seamless service requires no knowledge of the underlying security technology and provides data scientists with a simple method of protecting sensitive data and the intellectual property represented by their trained models.

AIShield’s AI Model Security against AI attacks and seamless integration with Fortanix’s Confidential AI SaaS workflow

AIShield is a SaaS-based offering that provides enterprise-class AI model security: vulnerability assessment and a threat-informed defense model for security hardening of AI assets across cloud and edge.

AIShield, designed as an API-first product, can be integrated into the Fortanix Confidential AI model development pipeline, providing vulnerability assessment and threat-informed defense generation capabilities.

The threat-informed defense model generated by AIShield can predict if a data payload is an adversarial sample. This defense model can be deployed inside the Confidential Computing environment (Figure 1) and sit with the original model to provide feedback to an inference block (Figure 2).

This allows the AI system to decide on remedial actions in the event of an attack. For example, the system can choose to block an attacker after detecting repeated malicious inputs, or even respond with a random prediction to fool the attacker.
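The inference block described above, as an added example that is not part of the original post and is not AIShield's or Fortanix's code: a detector sits beside the primary model, and a gate counts detections per caller, returns a decoy (random) prediction while a caller is under suspicion, blocks the caller once detections repeat, and records every decision for an audit report. The toy detector, toy model, client ids, thresholds and sample payloads are all constructed stand-ins; in a real deployment the detector call would be the AIShield defense model running inside the enclave.

```python
"""Inference gate combining a primary model with an adversarial-input detector.

Added example, not vendor code. The detector and model are toy stand-ins
(assumptions) so the block runs offline; thresholds are made-up defaults.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List
import random


def toy_detector(payload: List[float]) -> float:
    """Toy stand-in for the defense model: score = fraction of features
    outside the [0, 1] range the primary model was trained on."""
    out_of_range = sum(1 for x in payload if not 0.0 <= x <= 1.0)
    return out_of_range / len(payload)


def toy_model(payload: List[float]) -> int:
    """Toy stand-in for the original model: predicts the index of the
    largest feature as the class label."""
    return max(range(len(payload)), key=lambda i: payload[i])


@dataclass
class InferenceGate:
    detector: Callable[[List[float]], float]   # adversarial probability
    model: Callable[[List[float]], int]        # primary model prediction
    num_classes: int
    detect_threshold: float = 0.5              # score at/above = adversarial
    block_after: int = 3                       # detections before blocking
    hits: Dict[str, int] = field(default_factory=lambda: defaultdict(int))
    blocked: set = field(default_factory=set)
    audit: List[Dict[str, Any]] = field(default_factory=list)
    rng: random.Random = field(default_factory=lambda: random.Random(0))

    def _record(self, client_id: str, status: str, score: float, pred) -> Dict[str, Any]:
        # Every decision goes into the audit trail that backs the transaction report.
        entry = {"client": client_id, "status": status, "score": score, "prediction": pred}
        self.audit.append(entry)
        return entry

    def infer(self, client_id: str, payload: List[float]) -> Dict[str, Any]:
        """Run one request through detector and gate; returns the decision."""
        if client_id in self.blocked:
            return self._record(client_id, "blocked", None, None)

        score = self.detector(payload)
        if score >= self.detect_threshold:
            self.hits[client_id] += 1
            if self.hits[client_id] >= self.block_after:
                self.blocked.add(client_id)
                return self._record(client_id, "blocked", score, None)
            # Decoy: a random label gives the caller no useful feedback about
            # the real model while the count of suspicious inputs builds up.
            decoy = self.rng.randrange(self.num_classes)
            return self._record(client_id, "decoy", score, decoy)

        return self._record(client_id, "ok", score, self.model(payload))


def run_demo() -> List[Dict[str, Any]]:
    """Constructed scenario: one benign caller, one caller sending repeated
    out-of-range inputs that the toy detector flags as adversarial."""
    gate = InferenceGate(detector=toy_detector, model=toy_model, num_classes=3)
    benign = [0.1, 0.9, 0.2]      # constructed in-range sample
    hostile = [5.0, -3.0, 0.2]    # constructed out-of-range sample
    results = [gate.infer("client-a", benign)]
    for _ in range(3):
        results.append(gate.infer("client-b", hostile))
    results.append(gate.infer("client-b", benign))  # blocked even for benign input
    return results


if __name__ == "__main__":
    for entry in run_demo():
        print(entry)
```

The gate keys its counters on a caller identity; what that identity is (an API key, a mutual-TLS client certificate, a tenant id) is a deployment choice, and the audit list is what a transaction report would be rendered from.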

AIShield provides the last layer of defense, fortifying your AI application against emerging AI security threats. It equips users with security out of the box and integrates seamlessly with the Fortanix Confidential AI SaaS workflow.

Figure 1: AIShield Defense model within the Fortanix Confidential AI workflow (inside the Trusted Execution Environment of AWS Nitro Enclaves)

Figure 2: Interaction between original and defense model with AIShield

Using Fortanix Confidential AI with AIShield AI Security solutions, organizations can realize the full potential of AI adoption without worrying about the vulnerabilities and data privacy concerns that have previously limited the growth opportunities available through artificial intelligence and machine learning (AI/ML) techniques. Fortanix and AIShield work very closely with AWS and bring the power of AWS Nitro to their AWS customers.

