Visor: Privacy-Preserving Video Analytics as a Cloud Service
share
Video-analytics-as-a-service is becoming an important offering for cloud providers. A key concern in such services is the privacy of the videos being analyzed. While trusted execution environments (TEEs) are promising options for preventing the direct leakage of private video content, they remain vulnerable to side-channel attacks. We present Visor, a system that provides confidentiality for the user's video stream as well as the ML models in the presence of a compromised cloud platform and untrusted co-tenants. Visor executes video pipelines in a hybrid TEE that spans both the CPU and GPU enclaves. It protects against any side-channel attack induced by data-dependent access patterns of video modules, and also protects the CPU-GPU communication channel. Visor is up to 1000× faster than naïve oblivious solutions, and its overheads relative to a non-oblivious baseline are limited to 2×–6×.
READ FULL TEXT
