Best practice for protecting IP data downloaded to an app?

I'm enhancing a commercial App which until now has used cloud AI models to analyse data and make predictions.

The enhancement is moving the models onto the app for applications with no or limited network access.

The models that it uses represent significant IP to our clients and it is imperative that we secure any models downloaded to a device from theft.

I was intrigued by WWDC2020's CoreML update including support for encrypting models.
This would be ideal but we can't use CoreML as they are for now since CoreML's tools are more visual/sound/language/text focused.
Nice to know that this is a recognised issue with in-app ML model usage.

What are the best available options in iOS right now that don't run afoul of encryption export laws or even Apple's App Store rules etc.?

Our models are JavaScript which we run in a JavaScriptCore VM with additional data files loaded from JSON string files.

I don't think NSFileProtection is enough as it leaves things open to the user. Obviously we want the user to use models but not extract them.

Thanks!
George

Replies

I'm no expert, but why is CoreML not an option? CoreML is not limited to visual/sound/language/text, and you can use the coremltools to convert models from TensorFlow, PyTorch, Keras, Caffe, LIBSVM, scikit-learn, and XGBoost to a .coreml model that could then leverage on-device encryption.

Presuming that is not an option, I'd think you need to try and identify the particular touch-points where a model could become compromised. For example, if it is bundled with the app at the time in which the app is published to the App Store, would that model be accessible to anyone with access to the device? Subsequently, I'd think you could even go more old-school and consider compressing and encrypting the model when it is bundled with the app/downloaded from a server, then decompress and decrypt the model using either a key hard-coded in the app's code, or some mechanism to confirm the user's identity and approval to decrypt (using CryptoKit or something of the like).

Again, no expert on the topic, but saw that it's been a few days since you posted this and I'd be curious of a more Apple-approved answer, too.
It really boils down to securely passing the private key for decryption to a device which is then stored in keychain or similar.
Apple appears to have a solution for this but it is limited to their own CoreML models.
I'm tempted to (re) ask this question framed around how to get a private key into an app's keychain securely using iCloud or similar?

A good summary of CoreML's new encryption solution is given on the website machinethink dot net in their blog. For some unexplained reason I couldn't post a link to it, or any site, here in my reply. If you want a quick overview go read their latest blog entry titled "Apple machine learning in 2020: What’s new?"
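
The approach discussed in the replies above (an encrypted model file, with the decryption key held in the keychain), sketched in Swift with CryptoKit and JavaScriptCore. This is an added example, not code from any poster or from Apple. It assumes the 256-bit key has already reached the device over an authenticated channel and that the model was sealed server-side with AES-GCM; `modelKeyAccount`, `ModelVaultError` and the function names are hypothetical.

```swift
import CryptoKit
import Foundation
import JavaScriptCore
import Security

enum ModelVaultError: Error { case keychain(OSStatus), notUTF8 }

// Hypothetical keychain account name for the model key.
let modelKeyAccount = "com.example.model-key"

/// Store the model key so it is readable only on this device while unlocked.
/// The ThisDeviceOnly class keeps it out of backups and iCloud Keychain sync.
func storeModelKey(_ key: SymmetricKey) throws {
    let base: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrAccount as String: modelKeyAccount,
    ]
    SecItemDelete(base as CFDictionary) // replace any earlier key
    var attrs = base
    attrs[kSecValueData as String] = key.withUnsafeBytes { Data($0) }
    attrs[kSecAttrAccessible as String] = kSecAttrAccessibleWhenUnlockedThisDeviceOnly
    let status = SecItemAdd(attrs as CFDictionary, nil)
    guard status == errSecSuccess else { throw ModelVaultError.keychain(status) }
}

/// Fetch the model key from the keychain.
func loadModelKey() throws -> SymmetricKey {
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrAccount as String: modelKeyAccount,
        kSecReturnData as String: true,
        kSecMatchLimit as String: kSecMatchLimitOne,
    ]
    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    guard status == errSecSuccess, let data = item as? Data else {
        throw ModelVaultError.keychain(status)
    }
    return SymmetricKey(data: data)
}

/// Decrypt a sealed model (nonce || ciphertext || tag) in memory and evaluate it.
/// `modelID` is bound as associated data, so a blob sealed for one model
/// fails authentication if it is presented under another model's ID.
func loadEncryptedModel(_ sealed: Data, modelID: String, into context: JSContext) throws {
    let box = try AES.GCM.SealedBox(combined: sealed)
    let plain = try AES.GCM.open(box, using: loadModelKey(), authenticating: Data(modelID.utf8))
    guard let script = String(data: plain, encoding: .utf8) else { throw ModelVaultError.notUTF8 }
    context.evaluateScript(script) // the plaintext model is never written to disk
}
```

This keeps the model encrypted at rest and out of device backups, but the key and the decrypted script still exist in process memory at run time, so it raises the cost of extraction on a compromised device rather than preventing it.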