Core Concepts
The TRUSTroke project proposes a secure and trustworthy network architecture for federated learning in healthcare applications, leveraging CERN's infrastructure and adopting MQTT as the communication protocol to support efficient, asynchronous, and secure exchange of model parameters between the central Parameter Server and the clinical client nodes.
Abstract
The paper presents the network architecture and communication protocols designed for the TRUSTroke project, which aims to leverage federated learning (FL) to assist clinicians in ischemic stroke prediction.
The key aspects of the proposed solution are:
Network Architecture:
The architecture adopts a centralized client-server model, with CERN hosting the central Parameter Server (PS).
The clinical client nodes run a Docker-based design, with a Jump Host container handling the external connection to the PS and an isolated FL client container for local data processing.
This design ensures consistency, portability, and enhanced security by isolating sensitive data processing from model parameter communication.
Communication Protocols:
The paper compares the HTTP and MQTT protocols and selects MQTT as the reference communication protocol because it aligns better with the asynchronous, one-to-many communication requirements of the FL scenario.
MQTT's publish-subscribe paradigm, efficient message encoding, and built-in security features make it well-suited for the TRUSTroke FL platform.
Control and Data Plane Design:
The control plane manages client authentication, authorization, joining/leaving federations, and global model versioning, all implemented efficiently using MQTT topics and message exchanges.
The data plane leverages MQTT features such as custom payload formats, quality of service, and end-to-end encryption to enable secure and reliable transmission of model parameters.
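To illustrate how topic-based authorization can keep one clinical client from reading or forging another client's model updates, here is an added example that is not taken from the paper or the TRUSTroke code base. The topic layout, role names, client identifiers and the `authorize` helper are all assumptions made for illustration; only the `+` and `#` wildcard semantics come from MQTT itself.

```python
# Hypothetical topic layout (an assumption, not from the paper):
#   fl/<federation>/global/model          PS -> all clients (one-to-many)
#   fl/<federation>/clients/<id>/update   client -> PS (local model update)
#   fl/<federation>/control/<id>          client -> PS (join/leave requests)

# Default-deny ACL: each role lists the only topic filters it may use.
ACL = {
    "server": {"publish": ["fl/+/global/model"],
               "receive": ["fl/+/clients/+/update", "fl/+/control/+"]},
    "client": {"publish": ["fl/+/clients/{id}/update", "fl/+/control/{id}"],
               "receive": ["fl/+/global/model"]},
}


def topic_matches(topic_filter: str, topic: str) -> bool:
    """MQTT topic-filter matching: '+' is one level, a trailing '#' is the rest."""
    f, t = topic_filter.split("/"), topic.split("/")
    if topic.startswith("$") and f[0] in ("+", "#"):
        return False  # wildcards never match '$'-prefixed system topics
    for i, level in enumerate(f):
        if level == "#":
            return i == len(f) - 1  # '#' is only valid as the last level
        if i >= len(t) or (level != "+" and level != t[i]):
            return False
    return len(f) == len(t)


def authorize(role: str, client_id: str, action: str, topic: str) -> bool:
    """Check a concrete topic name at publish or delivery time."""
    if not client_id or any(ch in client_id for ch in "+#/"):
        return False  # an id with wildcards or separators could widen a rule
    if any(ch in topic for ch in "+#"):
        return False  # concrete topic names must not contain wildcards
    rules = ACL.get(role, {}).get(action, [])
    return any(topic_matches(r.replace("{id}", client_id), topic) for r in rules)


if __name__ == "__main__":
    # Constructed sample requests: (role, client id, action, topic)
    for req in [
        ("client", "hospital-a", "publish", "fl/stroke/clients/hospital-a/update"),
        ("client", "hospital-a", "publish", "fl/stroke/clients/hospital-b/update"),
        ("client", "hospital-a", "publish", "fl/stroke/global/model"),
        ("client", "hospital-a", "receive", "fl/stroke/clients/hospital-b/update"),
    ]:
        print(req, "->", "ALLOW" if authorize(*req) else "DENY")
```

Binding `{id}` to the identity the broker authenticated, rather than to a value the client supplies in the topic, is what makes the per-client rules meaningful.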
Security Considerations:
The paper identifies potential security threats and risks associated with each component of the architecture, and proposes mitigation strategies to increase the overall trustworthiness of the FL platform.
Key security measures include access control, authentication, encryption, and secure container design for the clinical client nodes.
The proposed network architecture and communication protocols aim to provide a secure, efficient, and trustworthy foundation for the TRUSTroke federated learning platform in the healthcare domain.