Protecting Sensitive Data Throughout the ML Pipeline using Confidential Computing


Many organizations wish to train, fine-tune, or perform machine learning inference on sensitive data, to increase the productivity of their employees or of their business. However, their sensitive data, such as financial, medical or customer data, is often locked behind strict protection walls, which prevent the organization from extracting value from this data or impose costs and delays on the process. For example, different banks cannot share data with each other to collaborate on fraud detection or money laundering detection. Even worse, within the same organization (e.g. a bank), different teams often cannot share sensitive data with each other to collaborate, and it usually takes a lengthy and costly governance process for these teams to receive approval. Now, with generative AI promising to drastically increase productivity, organizations are concerned about their prompts (potentially containing IP data) leaking to the LLM provider and other customers.

In this talk, I will describe the powerful engine of confidential computing, which promises to address these problems through a combination of hardware advances and cryptographic techniques. I will discuss our research from UC Berkeley as well as its tech transfer to industry. The concept is a powerful one: the servers can compute on data without seeing it. The attendees will understand what confidential computing is, what problems it can solve in their sensitive data lifecycle, and which tools they can use today for this purpose.

Open source:

Background Knowledge:

Basic computer science knowledge (e.g. basic knowledge of the data ML/analytics pipeline, basic cryptographic tools like encryption and digital signatures, and basic computer architecture)


Raluca Ada Popa is the Robert E. and Beverly A. Brooks associate professor of computer science at UC Berkeley working in computer security, systems, and applied cryptography. She is a co-founder and co-director of the RISELab and SkyLab at UC Berkeley, as well as a co-founder of Opaque Systems and PreVeil, two cybersecurity companies. Raluca has received her PhD in computer science as well as her Masters and two BS degrees, in computer science and in mathematics, from MIT. She is the recipient of the 2021 ACM Grace Murray Hopper Award, a Sloan Foundation Fellowship award, Jay Lepreau Best Paper Award at OSDI 2021, Distinguished Paper Award at IEEE Euro S&P 2022, Jim and Donna Gray Excellence in Undergraduate Teaching Award, NSF Career Award, Technology Review 35 Innovators under 35, Microsoft Faculty Fellowship, and a George M. Sprowls Award for best MIT CS doctoral thesis.

Open Data Science



