NVIDIA FLARE Security

The security framework of NVIDIA FLARE has been reworked for better usability and to improve security.

Security Framework

NVFLARE is an application running in the IT environment of each participating site. The total security of this application is the combination of the security measures implemented in this application and the security measures of the site’s IT infrastructure.

NVFLARE implements security measures in the following areas (see each section below for details):

  • Identity Security: the authentication and authorization of communicating parties

  • Site Policy Management: the policies for resource management, authorization, and privacy protection defined by each site

  • Communication Security: the confidentiality of data communication messages

  • Message Serialization: techniques for ensuring safe serialization/deserialization process between communicating parties

  • Data Privacy Protection: techniques for preventing local data from being leaked and/or reverse-engineered

  • Auditing: techniques for keeping audit trails to record events (e.g. commands issued by users, learning/training related events that can be analyzed to understand the final results)

All other security concerns must be handled by the site’s IT security infrastructure. These include, but are not limited to:

  • Physical security

  • Firewall policies

  • Data management policies: storage, retention, cleaning, distributions, access, etc.

Security Trust Boundary and Balance of Risk and Usability

The security framework does not operate in vacuum; we assume that physical security is already in place for all participating server and client machines. TLS provides the authentication mechanism within the trusted environments.

Admin Capabilities Through FLARE Console

The NVFLARE system is operated by users using the command line interface provided by the FLARE Console. The following types of commands are available:

  • Check system operating status

  • View system logs

  • Shutdown, restart server or clients

  • Job management (submit, clone, stop, delete, etc.)

  • Start, stop jobs

  • Clean up job workspaces

All commands are subject to authorization policies of the participating sites.

Dynamic Additions and Users and Sites

Federated Authorization makes it possible to dynamically add new users and sites without requiring the server to always keep an up-to-date list of users and sites. This is because the user identity information (name, org, and role) is included in the certificate of the user; and each site now performs authorization based on its local policies (instead of the FL Server performing authorization for all sites).