Async review
Recap core topics:
- Unit 1: Security Fundamentals in Machine Learning
Unit 1: Security Fundamentals in Machine Learning
In Unit 1, you explored…
- Core security principles – Confidentiality, integrity, authentication, non-repudiation, and service integrity in the context of ML workflows.
- Lifecycle threats – Common vulnerabilities across the ML lifecycle, including data poisoning, model inversion, insecure APIs, and audit gaps.
- Infrastructure decisions – Trade-offs between local, cloud, and hybrid setups in terms of control, compliance, scalability, and risk exposure.
- Secure workflow design – Techniques such as threat modelling, least privilege, encryption, and monitoring embedded into ML pipelines.
- Team protocols and culture – Role-based responsibilities, incident response practices, and a culture of continuous security improvement.
Five principles shape every stage of a secure ML system
PrincipleFocus areaML exampleConfidentialityPreventing unauthorised access to data/modelsEncrypting training data and protecting model outputsIntegrityEnsuring correctness of data and models Detecting tampering in training labels or model weightsAuthenticationVerifying user/system identity Using API keys and MFA to restrict model accessNon-repudiation Enabling traceability of actions Logging model updates and access eventsService integrity Defending runtime model behavior Blocking adversarial inputs and monitoring for drift
Threats across the ML lifecycle: Where can things go wrong?
-
Data poisoning: Malicious input during training corrupts model behaviour.
-
Model inversion: Attackers reconstruct training data from outputs.
-
Adversarial inputs: Carefully crafted inputs trick deployed models.
-
API misuse: Open or unauthenticated endpoints expose model logic or data.Secure ML practices
-
Encrypt sensitive assets.
-
Apply role-based access controls.
-
Use secure APIs with rate limiting.
-
Log access and model events.
Who protects what in your ML system?
Security in ML systems is a shared responsibility across roles:
- Data scientists: Monitor model behaviour and validate training data.
- Engineers: Secure data pipelines and configure access controls.
- Platform admins: Manage infrastructure and enforce CI/CD security.
Action item: Quick reflection - What matters most for your role?
Which security concept feels most critical for your role—and why?
Share your response in the chat!