Amazon Cloud Technology re:Inforce China 2023: Interpretation of Generative AI Security Challenges and Countermeasures

Big data industry innovation service media: focus on data, changing business


In 2023, after continuous improvement and iteration, generative AI technology has finally taken flight, leading a sweeping change in the AI era. The technology has already crossed the boundaries of many fields: in medical care, finance, manufacturing, education and scientific research alike, generative AI has shown astonishing creative capability and huge application prospects.

However, like many technologies, generative AI has two sides. While it helps enterprises solve practical problems and improve work efficiency, it also brings serious hidden dangers of data security and privacy leaks.

Unfortunately, at the beginning of this year a large multinational enterprise accidentally leaked sensitive information from its database while conducting large-scale AI model training. This not only dealt a major blow to the enterprise's reputation but also raised deep concern worldwide about the data security of generative AI technology. Such cases are not isolated; they occur frequently in the industry.

In fact, generative AI carries a risk of data leakage at every stage of its training and application. From data collection and processing, through model training and deployment, to final output and feedback, every step requires strict security measures to prevent any possible leak. This raises an urgent question: how can generative AI bring us convenience and innovation without sacrificing our data security and privacy rights? The exploration of Amazon Cloud Technology offers an answer.

On August 31, Amazon Cloud Technology re:Inforce 2023 China Station was officially opened. The theme of this conference is "Comprehensive Intelligent Security in the AI Era", and its goal is to help enterprises solve the security challenges of generative AI across every process link.

Security is fundamental to building generative AI applications

Dai Wen, Director of Solution Architecture of Amazon Cloud Technology Greater China, said: Security is an unavoidable and important issue in building generative AI applications. From a full-stack perspective, a reliable compliance system should be built as a whole, spanning data, transmission, applications and infrastructure, so as to truly ensure the security of AI applications.
Dai Wen, Director of Solution Architecture, Amazon Cloud Technology Greater China

Amazon Cloud Technology has always strictly followed the principle that customers own and control their data, providing industry-leading technical and physical measures to prevent unauthorized access, and providing encryption and protection services that cover data in storage, in transmission, in use and in governance.

For example, when training AI models an enterprise must first access its database. The business data of a modern enterprise is the basis of its innovation and its "lifeblood"; once leaked, the damage is irreversible. At the same time, every aspect of data transmission, use, management and access carries its own risk of leakage.

Therefore, security is an unavoidable issue in building generative AI applications!

For generative AI, Amazon Cloud Technology divides security protection into three stages: data and model security, application security and global compliance, and provides more systematic security protection tools based on this.

Data security starts with storage and transmission

In terms of data protection, the first service recommended by Amazon Cloud Technology is Amazon KMS, short for Amazon Key Management Service, a cloud security service that protects user keys with hardware security modules. With Amazon KMS, users can create and manage encryption keys and control the related permissions. These keys can be used to encrypt and access data across various AWS services and the user's own applications.

Similarly, data transmission is also an important stage of security protection. In this link, Amazon Nitro can be used to build an independent secure transmission channel. Amazon Nitro is a virtualization infrastructure. The Amazon Nitro security chip can be used to encrypt and authenticate access to virtual machines and detect unauthorized hardware modification and malware implantation. Relying on virtualization technology, the Amazon Nitro system can also provide better network and storage performance.

With storage and transmission secured, Amazon Cloud Technology offers Amazon Nitro Enclaves for encrypted computing in the compute link. It isolates compute instances and controls application access to vCPUs and memory, helping users reduce the attack surface of applications that process the most sensitive data and thereby protecting the security of computation.

Liu Longwei, Security Director of Tuya Information Technology Co., Ltd., said: Tuya Smart is a global Internet of Things solution provider. It uses Amazon Cloud Technology's Amazon Nitro as a secure cloud foundation and ensures the trustworthiness of the entire user data system through hardware isolation. Linked with Amazon KMS, it achieves higher-level basic security management, thus serving 780,000 developers and a large number of IoT devices and making the system unbreakable.

At the re:Inforce 2023 conference, Amazon Cloud Technology and Tuya Smart established a "Joint Security Laboratory". The two parties will focus on confidential computing and data privacy, Matter in the smart home field, data security, security culture construction, overseas compliance and other areas, jointly co-creating technical cooperation and system construction as well as security practices for generative AI in the IoT field.

In addition, the Amazon Cloud Technology China Solution Development Center officially released a sensitive data protection solution that can automatically discover enterprise sensitive data and manage data assets on a unified platform. For example, in Amazon S3 storage, users can create data catalogs, define sensitive data types using built-in or customized data identification rules, use machine learning to match and identify sensitive information, and issue warnings. Visual management helps users govern and protect sensitive data. The solution is currently available for download.

Training security: Amazon SageMaker's three model musketeers

With data secured in the storage, transmission and compute links, the next thing that needs attention is naturally the construction of the model.

Dai Wen said: The number of Amazon IAM API calls exceeds 1 billion per second, which provides a powerful source of power for the construction of large models. Amazon SageMaker provides model-specific access policies for settings, authorization, verification, tuning, etc., and comprehensively monitors the operation of the model through tools such as Amazon Model Cards, Amazon Model Monitor and Amazon Model Registry.

During the initial boom of large AI models, the model training process of many companies was in a "running naked" state, that is, the raw data and models were not protected at all, and the risk of data leakage was at its highest.

In response to this pain point, Amazon SageMaker Model Cards, the first of the three model musketeers, was introduced. It is a standardized format for documenting machine learning models, enabling unified management of model information such as the model's description, function and performance. By using Amazon Model Cards, users can better understand and evaluate machine learning models, select the model that best suits their needs, and prepare for the next step of monitoring and management.

Amazon SageMaker Model Monitor provides automated monitoring and detection services, which can help users monitor model performance, data quality, and data deviations in the production environment to ensure the accuracy and stability of the model.

Functionally, Amazon Model Monitor provides data capture, data analysis, data reporting and data alerts. It can generate detailed reports and alerts to notify users, which helps drive continuous improvement and optimization of the model.

Amazon Model Registry is a powerful tool provided by Amazon SageMaker for managing and tracking versions and metadata of machine learning models. It provides version control, rollback, metadata management, and integration capabilities to enable users to better manage and deploy models.

With the help of these three Amazon SageMaker tools, users can automate model management and greatly improve work efficiency.

The wave of large models is unstoppable. If enterprise users have weak technical capabilities, can they try to build large models?

Don't worry, we'll arrange it now!

In April this year, Amazon Cloud Technology released Amazon Bedrock, a fully managed foundation model service that lets users access and use foundation models (FMs) on demand through APIs. With Amazon Bedrock, users can privately customize FMs with their own data and use the related tools and capabilities to seamlessly integrate and deploy them into applications, without managing any infrastructure.

For example, a user who wants to build a large text generation model from scratch can specify the model requirements on the Amazon cloud through simple operations and integrate and deploy it into an application through the various model tools. The process is as simple as assembling Lego bricks, which greatly lowers the threshold of model construction.

Development security and AI complement each other

Now that the exciting phase of model building is over, development comes next. Many enterprise users joke that development involves too many people, makes mistakes easily, and is where security problems often arise.

In response to these pain points, Amazon Cloud Technology demonstrated two automated tool services that can help users solve them.

Amazon CodeWhisperer can be regarded as an AI programming assistant. Trained on billions of lines of code, it generates code suggestions in real time, from snippets to full functions, based on the user's needs and existing code. Amazon CodeWhisperer supports mainstream programming languages and IDEs, and can also give users advice on API security, performance and best practices.

Amazon CodeGuru Security combines machine learning and automated analysis into a powerful set of code vulnerability scanning tools. It detects security issues such as configuration errors, permission problems and leaks of sensitive data, provides vulnerability remediation recommendations, and effectively improves the security and reliability of code.

Operational security, guaranteed by the cloud

When a large generative AI model has been developed and put into operation, security protection at this stage cannot be taken lightly, because many security incidents occur during actual operation. At this point the application needs to protect the security of the model itself, its data and user privacy from many angles, and the most effective means is verification.

Amazon Verified Permissions is a mechanism Amazon Cloud Technology provides to developers for verifying user access permissions. Through this service, developers can ensure that users can access only the permissions their applications actually require, protecting users' privacy and data security.

When a user authorizes the application, Amazon authenticates the user and returns an access token containing the permissions the user has granted. Developers use this token to verify the user's permissions and perform the appropriate actions as needed.

Through token-based verification, developers can ensure the security of user data and comply with privacy laws and regulations; at the same time, access control also guarantees the data security of the application itself.
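As an added illustration of the token-based check described above (not code from the page or from Amazon Verified Permissions), the following plain-Python example shows the pattern the application must enforce: verify the token's signature and expiry first, then allow an action only if it is explicitly listed in the token's permissions, denying everything else by default. The HMAC signing key, the subject and the permission names are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed placeholder signing key; in practice this lives in a key
# management service, never in source code.
SECRET = b"constructed-demo-signing-key"


def issue_token(subject, permissions, ttl_seconds, now=None):
    """Issue a compact signed token: base64url(JSON payload).hex(HMAC-SHA256)."""
    now = int(time.time()) if now is None else now
    payload = {"sub": subject, "permissions": sorted(permissions),
               "iat": now, "exp": now + ttl_seconds}
    body = base64.urlsafe_b64encode(
        json.dumps(payload, sort_keys=True).encode()).decode().rstrip("=")
    sig = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"


def verify_token(token, now=None):
    """Return the payload only if the signature is valid and the token is unexpired."""
    try:
        body, sig = token.split(".", 1)
    except ValueError:
        return None
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison so a forged signature cannot be timed out.
    if not hmac.compare_digest(expected, sig):
        return None
    padding = "=" * (-len(body) % 4)
    payload = json.loads(base64.urlsafe_b64decode(body + padding))
    now = int(time.time()) if now is None else now
    if payload.get("exp", 0) <= now:
        return None
    return payload


def is_authorized(token, action, now=None):
    """Default deny: an action passes only if the verified token grants it explicitly."""
    payload = verify_token(token, now)
    if payload is None:
        return False
    return action in payload.get("permissions", [])
```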

Build global security compliance

In terms of global security compliance, Amazon Cloud Technology's global infrastructure comprises more than 200 categories of broad and deep cloud services and solutions, including global security compliance, high-speed and stable cloud infrastructure, and global resources and a culture of innovation.

It is understood that Amazon Cloud Technology has obtained more than 140 security standards and compliance certifications around the world. By applying AI technology to more than 500 of its own compliance audit control items, it significantly improved compliance efficiency, saving 53% of audit time.

In addition, Amazon Cloud Technology also uses a zero-trust architecture to help users enhance security, flexibility, scalability and effectively reduce security costs, helping enterprises build a more secure, efficient and reliable cloud security system.

Generative AI, as the frontier of artificial intelligence technology, is bringing unprecedented breakthroughs and opportunities to our creation, personalized service, user interaction and innovative research. This not only opens up a new dimension of tools and platforms for us, expanding the boundaries of human creativity and intelligence, but also heralds a digital, highly intelligent future.

In the near future, especially in the Chinese market, the influence of this technology cannot be underestimated. Almost overnight it has triggered a grand "Battle of 100 Models": almost every industry is trying to use this technology, hoping to harness its powerful generation capabilities for innovation and breakthroughs, and many top companies have invested resources in in-depth research, exploration and practice.

But at the same time, this wave of innovation has also brought about a series of complex and acute security challenges. When enterprises try to use generative AI to provide customers with unique value and services, they must also face the potential threats and risks that these technologies may bring. In this context, a strong and reliable partner becomes particularly important.

Amazon Cloud Technology, with its profound technology accumulation, continuous innovation capabilities and in-depth insights into the field of AI, has not hesitated to join this competition. To meet the increasingly complex security challenges, Amazon Cloud Technology focuses on developing a series of security services for the whole generative AI process. These services not only target the AI technology itself but also cover all aspects of the related data, algorithms and applications, aiming to provide enterprises with comprehensive protection.

In fact, security is not just about preventing potential threats or attacks, it also involves how to ensure the reliability, transparency and fairness of technology. For any business, especially in the era of digitalization and hyper-connectivity, security has become a key factor for its success.

Dai Wen's view also emphasizes this point: "From the first day we devote ourselves to AI technology, safety should be regarded as the first and highest priority." This is not just a technical or strategic issue, but also a core business issue touching customer interests, reputation and future development.

At this conference, Amazon Cloud Technology and its partners jointly called for the need to put customers at the center, go deep into every aspect of applying AI, and spare no effort to strengthen security. Through close collaboration with partners, Amazon Cloud Technology hopes to jointly create a more secure, reliable and beneficial AI future.


Origin blog.csdn.net/YMPzUELX3AIAp7Q/article/details/132632502