|
Work item:
|
X.sr-mlaas
|
|
Subject/title:
|
Security requirements for machine learning as a service
|
|
Status:
|
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ITU-T SG13
|
|
Supporting members:
|
State Grid Corporation of China, China Unicom, CAICT
|
|
Summary:
|
As defined in [ITU‑T Y.3531] , MLaaS is a cloud service category in which the capabilities provided to a cloud service customer (CSC) are the provision and use of an ML framework. ML processing needs a large amount of computing power and resources for ML model training due to the large amount of training data and the highly complex computation involved in ML model training. MLaaS resolves the problem by providing elastic computing capabilities and resources in cloud environments based on CSC requests.
Due to the large amount of training data usage and interaction involved in the MLaaS, it increases the security risks. Furthermore, ML deployed in cloud environments has significant differences with general ML in multiple aspects, including control over software and hardware, data security, customization and flexibility, resilience and scalability, disaster recovery, etc. Therefore, it is essential to identify security risks and requirements related to MLaaS.
This draft Recommendation focus on the security issues of MLaaS, analyse the specific security risks, and provides practical guidelines for MLaaS.
This draft Recommendation aims to help organizations who provide and use MLaaS services including CSP:MLSP, CSN:MLDP, CSN:MLMD and CSC:MLSU
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2026-04-02 13:57:20
|
|
Last update:
2026-04-02 14:02:14
|
|
