[Q&A] identity security and custom code

[evgvain]

Python version (python3 -V)

3.10

NVFlare version (python3 -m pip list | grep "nvflare")

2.4.1

NVFlare branch (if running examples, please use the branch that corresponds to the NVFlare version, git branch)

2.4.1

Operating system

Ubuntu 22.04

Have you successfully run any of the following examples?

• hello-numpy-sag with simulator
• hello-pt with simulator
• hello-numpy-sag with POC
• hello-pt with POC

Please describe your question

I'm trying to understand the security implications of custom job configuration and code distribution. As I understand it, the server distributes both to clients just before the job execution. This model assumes trust in the server, as it controls the code and configuration.
Is my understanding correct? Are there potential security risks associated with this approach, such as data leakage or unauthorized code execution?
I'm exploring options to enhance security and control. Is it possible to decouple configuration and code distribution from job execution? Potentially, this decoupling might allow clients verify the configuration (e.g. filters applied) and authenticity of the distributed code (e.g., through code signing)?
Any insights into these questions would be greatly appreciated.

[YuanTingHsieh]

Hi @evgvain very good observations!

You are right about that, IF the client site allows the "custom" code to be deployed on its site, then it has some degree of trust in the server.

NVFlare has the solution to different scenarios of deployment and trust level.
For example, the client site can use its own site security policy (via an authorization.json file) to BLOCK the custom code job. (https://nvflare.readthedocs.io/en/stable/user_guide/security/identity_security.html#rights)
That way if a job contains custom code in the custom folder, it will not be able to be deployed to this client site so it will not be run.
Each client site can pre-installed the needed code themselves so that they don't need to trust the server for that distribution (or any admin user's custom code).

Yes, the clients have various way to check that, please read carefully this page: https://nvflare.readthedocs.io/en/stable/user_guide/security/identity_security.html

We also have some examples showcasing this functionality:
job-level-authorization

[evgvain]

Thank you. It is a useful reference!