可信AI治理框架探索与实践

夏正勋; 唐剑飞; 罗圣美; 张燕

doi:10.11959/j.issn.2096-0271.2022036

您当前的位置：

首页 >

文章列表页 >

可信AI治理框架探索与实践

应用 | 更新时间：2024-06-03

- 可信AI治理框架探索与实践
- Exploration and practice of trusted AI governance framework
- 大数据 2022年8卷第4期页码：145-164
- 作者机构：
- 作者简介：
  
  [ "夏正勋（1979‒ ），男，星环信息科技（上海）股份有限公司高级研究员，主要研究方向为大数据、数据库、人工智能、流媒体处理技术等" ]
  [ "唐剑飞（1986‒ ），男，星环信息科技（上海）股份有限公司大数据技术标准研究员，主要研究方向为大数据、数据库、图计算等" ]
  [ "罗圣美（1971‒ ），男，博士，星环信息科技（上海）股份有限公司大数据研究院院长，主要研究方向为大数据、并行计算、云存储、人工智能等" ]
  [ "张燕（1985‒ ），女，星环信息科技（上海）股份有限公司大数据技术研究员，主要研究方向为大数据、人工智能等" ]
- 基金信息：
- DOI：10.11959/j.issn.2096-0271.2022036
  中图分类号： TP311.13
- 网络首发：2022-07，
  
  纸质出版：2022-07-15
- 稿件说明：
移动端阅览
夏正勋, 唐剑飞, 罗圣美, 等. 可信AI治理框架探索与实践[J]. 大数据, 2022,8(4):145-164.

Zhengxun XIA, Jianfei TANG, Shengmei LUO, et al. Exploration and practice of trusted AI governance framework[J]. Big data research, 2022, 8(4): 145-164.
夏正勋, 唐剑飞, 罗圣美, 等. 可信AI治理框架探索与实践[J]. 大数据, 2022,8(4):145-164. DOI： 10.11959/j.issn.2096-0271.2022036.

Zhengxun XIA, Jianfei TANG, Shengmei LUO, et al. Exploration and practice of trusted AI governance framework[J]. Big data research, 2022, 8(4): 145-164. DOI： 10.11959/j.issn.2096-0271.2022036.

摘要

人工智能进一步提升了信息系统的自动化程度，但在其规模应用过程中出现了一些新问题，如数据安全、隐私保护、公平伦理等。为了解决这些问题，推动AI由可用系统向可信系统转变，提出了可信AI治理框架——T-DACM，从数据、算法、计算、管理4个层级入手提升AI的可信性，设计了不同组件针对性地解决数据安全、模型安全、隐私保护、模型黑盒、公平无偏、追溯定责等具体问题。T-DACM实践案例为业界提供了一个可信AI治理示范，为后续基于可信AI治理框架的产品研发提供了一定的参考。

Abstract

Artificial intelligence (AI) has further improved the automation of information systems

however

some issues have been exposed during its large-scale application

such as data security

privacy protection

and fair ethics.To solve these issues and promote the transition of AI from available systems to trusted systems

the T-DACM trusted AI governance framework was proposed to improve the credibility of AI from the four levels of data

algorithm

calculation

and management.Different components were designed to solve specific issues such as data security

model security

privacy protection

model black box

fairness

accountability

and traceability.T-DACM practice case provides a demonstration of the trusted AI governance framework for the industry and provides a certain reference for subsequent product research and development based on the trusted AI governance framework.

关键词

Keywords

references

杨庆峰 . 从人工智能难题反思AI伦理原则 [J ] . 哲学分析 , 2020 , 11 ( 2 ): 137 - 150 , 199 .

YANG Q F . An analysis of ethical principle of AI:based on the difficult problem of AI [J ] . Philosophical Analysis , 2020 , 11 ( 2 ): 137 - 150 , 199 .

IDC . IDC forecasts companies to spend almost $342 billion on AI solutions in 2021 [Z ] . 2021 .

Z HANG M G , ZENG K H , WANG J W . A survey on face anti-spoofing algorithms [J ] . Journal of Information Hiding and Privacy Protection , 2020 , 2 ( 1 ): 21 - 34 .

LU J J , SIBAI H , FABRY E . Adversarial examples that fool detectors [J ] . arXiv preprint,2017,arXiv:1712.02494 .

GU T Y , DOLAN-GAVITT B , GARG S . BadNets:identifying vulnerabilities in the machine learning model supply chain [J ] . arXiv preprint,2017,arXiv:1708.06733 .

邢根上 , 鲁芳 , 罗定提 . 政府监管下的电商大数据“杀熟”演化仿真分析 [J ] . 湖南工业大学学报 , 2021 , 35 ( 2 ): 65 - 72 .

XING G S , LU F , LUO D T . An evolution simulation analysis of E-commerce big data-based price discrimination under government supervision [J ] . Journal of Hunan University of Technology , 2021 , 35 ( 2 ): 65 - 72 .

朱悦蘅 , 王凯军 . 数字劳工过度劳动的逻辑生成与治理机制 [J ] . 社会科学 , 2021 ( 7 ): 59 - 69 .

ZHU Y H , WANG K J . Logical generation and governance mechanism of digital labor overwork [J ] . Journal of Social Sciences , 2021 ( 7 ): 59 - 69 .

刘慈欣 . 三体 [J ] . 意林 , 2019 ( 12 ): 67 .

LIU C X . The three body problem [J ] . Yilin , 2019 ( 12 ): 67 .

GOODFELLOW I J , SHLENS J , SZEGEDY C . Explaining and harnessing adversarial examples [J ] . arXiv preprint,2014,arXiv:1412.6572 .

RIBEIRO M T , SINGH S , GUESTRIN C . “Why should I trust you? ”:explaining the predictions of any classifier [C ] // Proceedings of 2016 Conference of the North American Chapter of the Association for Computational Linguistics:Demonstrations . Stroudsburg:Association for Computational Linguistics , 2016 .

GIDARIS S , KOMODAKIS N . Dynamic few-shot visual learning without forgetting [C ] // Proceedings of 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition . Piscataway:IEEE Press , 2018 .

NGUYEN H H , FANG F M , YAMAGISHI J , et al . Multi-task learning for detecting and segmenting manipulated facial images and videos [J ] . arXiv preprint,2019,arXiv:1906.06876 .

IOSIFIDIS V , FETAHU B , NTOUTSI E . FAE:a fairness-aware ensemble framework [C ] // Proceedings of 2019 IEEE International Conference on Big Data . Piscataway:IEEE Press , 2019 : 1375 - 1380 .

SAUER A , GEIGER A . Counterfactual generative networks [J ] . arXiv preprint,2021,arXiv:2101.06046 .

梁春丽 . 欧盟AI道德准则草案出炉 [J ] . 金融科技时代 , 2019 , 27 ( 2 ): 91 .

LIANG C L . Draft EU AI ethics code released [J ] . Financial Technology Time , 2019 , 27 ( 2 ): 91 .

SHIN J , BULUT O , GIERL M J . Development practices of trusted AI systems among canadian data scientists [J ] . International Review of Information Ethics , 2020 , 28 : 1 - 10 .

ICO . Explaining decisions made with AI [Z ] . 2021 .

WINTER P M , EDER S , WEISSENBÖCK J , , et al . Trusted artificial intelligence:towards certification of machine learning applications [J ] . arXiv preprint,2021,arXiv:2103.16910 .

MENG D Y , CHEN H . MagNet:a twopronged defense against adversarial examples [C ] // Proceedings of 2017 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2017 .

KUANG K , XIONG R X , CUI P , et al . Stable prediction across unknown environments [J ] . arXiv preprint,2018,arXiv:1806.06270 .

ZHANG Q S , YANG Y , MA H T , et al . Interpreting CNNs via decision trees [C ] // Proceedings of 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition . Piscataway:IEEE Press , 2019 : 6254 - 6263 .

FENG R , YANG Y , LYU Y H , et al . Learning fair representations via an adversarial framework [J ] . arXiv preprint,2019,arXiv:1904.13341 .

ZHAO Y Y , ZHONG Z , YANG F X , et al . Learning to generalize unseen domains via memory-based multi-source metalearning for person re-identification [C ] // Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition . Piscataway:IEEE Press , 2021 : 6277 - 6286 .

国家新一代人工智能治理专业委员会 . 发展负责任的人工智能:新一代人工智能治理原则发布 [J ] . 科技与金融 , 2019 ( 7 ): 2 - 3 .

The National New Generation Artificial Intelligence Governance Specialist Committee . Developing responsible AI:a new generation of AI governance principles released [J ] . Sci-Tech Finance Monthly , 2019 ( 7 ): 2 - 3 .

景慧昀 , 魏薇 , 周川 , 等 . 人工智能安全框架 [J ] . 计算机科学 , 2021 , 48 ( 7 ): 1 - 8 .

JING H Y , WEI W , ZHOU C , et al . Artificial intelligence security framework [J ] . Computer Science , 2021 , 48 ( 7 ): 1 - 8 .

JIANG H , NACHUM O . Identifying and correcting label bias in machine learning [J ] . arXiv preprint,2019,arXiv:1901.04966 .

HUANG L , VISHNOI N . Stable and fair classification [C ] // Proceedings of the 36th International Conference on Machine Learning .[S.l.:s.n. ] , 2019 : 2879 - 2890 .

YANG Q , LIU Y , CHEN T J , et al . Federated machine learning:concept and applications [J ] . arXiv preprint,2019:arXiv:1902.04885 .

HARDT M , PRICE E , SREBRO N . Equality of opportunity in supervised learning [C ] // Proceedings of the 30th International Conference on Neural Information Processing Systems . New York:ACM Press , 2016 : 3323 - 3331 .

BERK R , HEIDARI H , JABBARI S , et al . Fairness in criminal justice risk assessments:the state of the art [J ] . arXiv preprint,2017,arXiv:1703.09207 .

SHEN S , TOPLE S , SAXENA P . AUROR:defending against poisoning attacks in collaborative deep learning systems [C ] // Proceedings of the 32nd Annual Conference on Computer Security Applications . New York:ACM Press , 2016 : 508 - 519 .

李立明 , 詹思延 , 叶冬青 , 等 . 流行病学 [M ] . 北京 : 人民卫生出版社 , 2020 .

LI L M , ZHAN S Y , YE D Q , et al . Epidemiology [M ] . Beijing : People’s Medical Publishing House , 2020 .

AFCHAR D , NOZICK V , YAMAGISHI J , et al . MesoNet:a compact facial video forgery detection network [C ] // Proceedings of 2018 IEEE International Workshop on Information Forensics and Security . Piscataway:IEEE Press , 2018 : 1 - 7 .

JOURABLOO A , LIU Y J , LIU X M . Face De-Spoofing:anti-spoofing via noise modeling [C ] // Proceedings of the European Conference on Computer Vision ,[S.l.:s.n. ] , 2018 : 290 - 306 .

KAMIRAN F , CALDERS T . Data preprocessing techniques for classification without discrimination [J ] . Knowledge and Information Systems , 2012 , 33 ( 1 ): 1 - 33 .

ZHANG Z , NEILL D B . Identifying significant predictive bias in classifiers [J ] . arXiv preprint,2016,arXiv:1611.08292 .

CALDERS T , VERWER S . Three naive Bayes approaches for discrimination-free classification [J ] . Data Mining and Knowledge Discovery , 2010 , 21 ( 2 ): 277 - 292 .

ROSENBAUM P R , RUBIN D B . The central role of the propensity score in observational studies for causal effects [J ] . Biometrika , 1983 , 70 ( 1 ): 41 - 55 .

HULLSIEK K H , LOUIS T A . Propensity score modeling strategies for the causal analysis of observational data [J ] . Biostatistics , 2002 , 3 ( 2 ): 179 - 193 .

CHIPMAN H A , GEORGE E I , MCCULLOCH R E . BART:Bayesian additive regression trees [J ] . The Annals of Applied Statistics , 2010 , 4 ( 1 ): 266 - 298 .

YAO L Y , LI S , LI Y L , et al . ACE:adaptively similarity-preserved representation learning for individual treatment effect estimation [C ] // Proceedings of 2019 IEEE International Conference on Data Mining . Piscataway:IEEE Press , 2019 : 1432 - 1437 .

KUANG K , CUI P , LI B , et al . Treatment effect estimation with data-driven variable decomposition [C ] // Proceedings of the 31st AAAI Conference on Artificial Intelligence .[S.l.:s.n. ] , 2017 : 140 - 146 .

BISHOP J M . Artificial intelligence is stupid and causal reasoning won’t fix it [J ] . arXiv preprint,2020,arXiv:2008.07371 .

GEIRHOS R , JACOBSEN J H , MICHAELIS C , et al . Shortcut Learning in deep neural networks [J ] . Nature Machine Intelligence , 2020 , 2 ( 11 ): 665 - 673 .

MOOSAVI-DEZFOOLI S M , FAWZI A , FAWZI O , et al . Universal adversarial perturbations [C ] // Proceedings of 2017 IEEE Conference on Computer Vision and Pattern Recognition . Piscataway:IEEE Press , 2017 : 86 - 94 .

HOSPEDALES T M , ANTONIOU A , MICAELLI P , et al . Meta-learning in neural networks:a survey [J ] . IEEE Transactions on Pattern Analysis and Machine Intelligence , 2021 :1.

ZHANG Y , YANG Q . A survey on multitask learning [J ] . IEEE Transactions on Knowledge and Data Engineering , 2021 :1.

HE X , ZHAO K Y , CHU X W . AutoML:a survey of the state-of-the-art [J ] . Knowledge-Based Systems , 2021 , 212 : 106622 .

CATON S , HAAS C . Fairness in machine learning:a survey [J ] . arXiv preprint,2020,arXiv:2010.04053 .

TANG DIANE , AGARWAL A , O’BRIEN D , et al . Overlapping experiment infrastructure:more,better,faster experimentation [C ] // Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining . New York:ACM Press , 2010 .

YAO L Y , CHU Z X , LI S , et al . A survey on causal inference [J ] . ACM Transactions on Knowledge Discovery from Data , 2021 , 15 ( 5 ): 1 - 46 .

VERMA T , PEARL J . Equivalence and synthesis of causal models [C ] // Proceedings of the 6th Annual Conference on Uncertainty in Artificial Intelligence .[S.l.:s.n. ] , 1990 : 255 - 270 .

SPIRTES P , GLYMOUR C , SCHEINES R . Causation,prediction,and search [M ] .[S.l. ] : The MIT Press , 2001 .

HOYER P O , JANZING D , MOOIJ J , et al . Nonlinear causal discovery with additive noise models [C ] // Proceedings of the 21st International Conference on Neural Information Processing Systems.Red Hook:Curran Associates Inc . , 2008 : 689 - 696 .

SHIMIZU S , HOYER P O , HYVÄRINEN A , , et al . A linear non-gaussian acyclic model for causal discovery [J ] . The Journal of Machine Learning Research , 2006 , 7 : 2003 - 2030 .

CORNFIELD J , HAENSZEL W , HAMMOND E C , et al . Smoking and lung cancer:recent evidence and a discussion of some questions [J ] . International Journal of Epidemiology , 2009 , 38 ( 5 ): 1175 - 1191 .

ANGRIST J D , IMBENS G W , RUBIN D B . Identification of causal effects using instrumental variables [J ] . Journal of the American Statistical Association , 1996 , 91 ( 434 ): 444 - 455 .

MIAO W , GENG Z , TCHETGEN E J . Identifying causal effects with proxy variables of an unmeasured confounder [J ] . Biometrika , 2018 , 105 ( 4 ): 987 - 993 .

TSAMARDINOS I , ALIFERIS C F . Towards principled feature selection:relevancy,filters and wrappers [C ] // Proceedings of International Workshop on Artificial Intelligence and Statistics .[S.l.:s.n. ] , 2003 : 300 - 307 .

TSAMARDINOS I , ALIFERIS C F , STATNIKOV A . Time and sample efficient discovery of Markov blankets and direct causal relations [C ] // Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining . New York:ACM Press , 2003 : 673 - 678 .

TSAMARDINOS I , BROWN L E , ALIFERIS C F . The max-min hillclimbing Bayesian network structure learning algorithm [J ] . Machine Learning , 2006 , 65 ( 1 ): 31 - 78 .

KAMISHIMA T , AKAHO S , ASOH H , et al . Fairness-aware classifier with prejudice remover regularizer [C ] // Machine Learning and Knowledge Discovery in Databases , 2012 : 35 - 50 .

GOODFELLOW I , POUGET-ABADIE J , MIRZA M , et al . Generative adversarial networks [J ] . Communications of the ACM , 2020 , 63 ( 11 ): 139 - 144 .

ADEL T , VALERA I , GHAHRAMANI Z , et al . One-Network adversarial fairness [J ] . Proceedings of the AAAI Conference on Artificial Intelligence , 2019 , 33 : 2412 - 2420 .

PLEISS G , RAGHAVAN M , WU F , et al . On fairness and calibration [J ] . arXiv preprint,2017,arXiv:1709.02012 .

ZHU L G , LIU Z J , HAN S . Deep leakage from gradients [J ] . arXiv preprint,2019,arXiv:1906.08935 .

TRAMÈR F , ZHANG F , JUELS A , et al . Stealing machine learning models via prediction APIs [J ] . arXiv preprint,2016:arXiv:1609.02943 .

GENTRY C , . Fully homomorphic encryption using ideal lattices [C ] // Proceedings of the 41st annual ACM symposium on Symposium on theory of computing . New York:ACM Press , 2009 : 169 - 178 .

DWORK C , MCSHERRY F , NISSIM K , et al . Calibrating noise to sensitivity in private data analysis [C ] // Theory of Cryptography . Berlin:Springer , 2006 : 265 - 284 .

SHAMIR A . How to share a secret [J ] . Communications of the ACM , 1979 , 22 ( 11 ): 612 - 613 .

GOLDWASSER S , MICALI S , RACKOFF C . The knowledge complexity of interactive proof systems [J ] . SIAM Journal on Computing , 1989 , 18 ( 1 ): 186 - 208 .

RABIN M . How to exchange secrets with oblivious transfer [J ] . IACR Cryptol EPrint Arch , 2005 :187.

YAO A C C , . How to generate and exchange secrets [C ] // Proceedings of 27th Annual Symposium on Foundations of Computer Science . Piscataway:IEEE Press , 1986 : 162 - 167 .

HENDRICKS L A , AKATA Z , ROHRBACH M , et al . Generating visual explanations [C ] // Computer Vision –ECCV 2016 .[S.l.:s.n. ] , 2016 .

SPEICHER T , HEIDARI H , GRGICHLACA N , et al . A unified approach to quantifying algorithmic unfairness:measuring individual ＆ Group unfairness via inequality indices [C ] // Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery ＆Data Mining . New York:ACM Press , 2018 : 2239 - 2248 .

浏览量

826

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

XAI架构探索与实践