In our second post we described attacks on models and the concepts of input privacy and output privacy. ln our last post, we described horizontal and vertical partitioning of data in privacy-preserving federated learning (PPFL) systems. In this post, we explore the problem of providing input privacy in PPFL systems for the horizontally-partitioned setting.
Models, training, and aggregation
To explore techniques for input privacy in PPFL, we first have to be more precise about the training process.
In horizontally-partitioned federated learning, a common approach is to…