Researchers warn edge computing’s biometric privacy promise is conditional
Not for the first time, the privacy community is looking at how biometric data can be most effectively and securely processed.
Edge computing has its problems but blending edge devices with cloud services should yield acceptable performance and privacy, according to a pair of recent publications. The potential market boost to the biometrics market from edge computing is the subject of a recent white paper from Biometric Update.
An analysis by trade publication Tech Monitor makes the point that edge computing is both a very good layer to add to biometric initiatives and an option with serious downsides.
Meanwhile, several Chinese researchers have collaborated on an alternative to using only the cloud for processing amounts of data involved in facial recognition, one based on edge computing to reduce the risk of data leakage.
The Tech Monitor piece sets the table, pointing out that computing switches between being a centralized and decentralized operation.
Distributed facial recognition surveillance on IoT cameras avoids the risk of storing honeypots of biometric data, but in doing so, it raises security risks in the form of smaller devices working outside worksite firewalls.
While edge computing could help implement localized policies for data protection and handling, it could also complicate judgements of what information counts as personal or sensitive, as in the case of data collected by connected cars.
Ultimately, the author (Pete Swabey, chief editor of the publication) calls on the perspective of academic researchers and says it is a “net-positive” in privacy if certain technologies are integrated into the mix to cut down the amount and type of data being slung around.
Under a federated learning model, locally trained models are aggregated in the cloud, rather than the underlying data. Machine learning algorithms on edge devices do the processing, cutting the personal data needed to make data useful.
Also, homomorphic encryption, Swabey writes, protects data while maintaining its statistical characteristics so that decryption is not needed to gain insights.
The Chinese paper, written by five Qufu Normal University scientists and one private-sector researcher, focuses on edge computing-based facial recognition and resolution for privacy protection.
The idea, based on an edge framework for face biometrics and resolution, at least reduces the need to shunt private data to the cloud. Task partitioning is used to improve communication and storage efficiency.
Verifiable data deletion is accomplished using Hidden CP-ABE. This proposal would enable granular access control, according to the paper. It also would “ensure the safe deletion of target data in the cloud.”