Secure Your Healthcare Generative AI Workloads on Amazon EKS (DAP221)

Title: AWS re:Inforce 2024 - Secure your healthcare generative AI workloads on Amazon EKS (DAP221)

Insights:

  • Introduction and Purpose: The session aims to educate on hardening container images, minimizing attack surfaces, and implementing secure container orchestration for generative AI workloads in healthcare using Amazon EKS.
  • Generative AI Use Cases in Healthcare:
    • AWS HealthScribe: Automatically creates clinical notes from patient-clinician conversations.
    • SageMaker: Used to deploy foundation models through JumpStart or to fine-tune pre-trained models from Hugging Face.
    • Amazon Pharmacy: Utilized for Q&A chatbots using retrieval-augmented generation.
    • Open Repositories: Cancer Imaging Archive and Imaging Data Commons democratize access to large imaging data for machine learning analysis.
  • Threat Landscape Using STRIDE Framework:
    • Spoofing: Impersonation of a legitimate identity, leading to model hijacking and malicious use.
    • Tampering: Introduction of malicious data into AI model training, causing unintended behaviors.
    • Repudiation: False claims and manipulations, often leading to model stealing or side-channel attacks.
    • Information Disclosure: Data leaks and model extraction attacks compromising confidentiality.
    • Denial of Service: Resource exhaustion and adversarial attacks disrupting healthcare operations.
    • Elevation of Privileges: Authorization leakage, requiring runtime controls to prevent reputational and legal damage.
  • Detailed Walkthrough:
    • Kubernetes and EKS: Celebrating 10 years, Kubernetes offers vast potential for generative AI workloads.
    • Intelligent Health Assistant Use Case:
      • BioMistral-7B Model: A large language model trained on PubMed Central data, supporting multiple languages.
      • EKS Deployment: Core node group for Kubernetes cluster utilities, just-in-time node scaling with Karpenter, and inference nodes for ML workloads.
      • API Exposure: FastAPI Python app behind a Network Load Balancer, or a web UI tool such as Gradio for user interaction.
  • Security Measures and Best Practices:
    • Spoofing Mitigation: Least privileged access using role-based access control and IAM, with audit logs via CloudTrail.
    • Tampering Mitigation: Ensuring integrity with policy as code solutions, cryptographic signing, and vulnerability scanning.
    • Repudiation Mitigation: Strong telemetry and monitoring with logging drivers and analytics platforms like OpenSearch or CloudWatch.
    • Information Disclosure Mitigation: Encrypting secrets with AWS Key Management Service (KMS) and Secrets Manager.
    • Denial of Service Mitigation: Preventative measures such as network policies and segmentation, and tools like AWS Shield and Firewall Manager.
    • Elevation of Privileges Mitigation: Resource limits, runtime tools like GuardDuty, and automated remediation with AWS Config.
  • Key Takeaways:
    • Generative AI use cases and vulnerability landscape.
    • STRIDE framework application.
    • Architectural patterns and AWS security best practices.
    • Reference to the Data on EKS program for well-architected blueprints.
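An added example (not from the session or the Data on EKS blueprints) showing how several of the mitigations above land in a single EKS deployment: a hardened Deployment for the inference API with a digest-pinned image, a least-privilege service account, a non-root read-only container, and CPU/memory limits, plus a NetworkPolicy that only admits traffic from the Gradio UI pods. The names `inference`, `health-assistant-api`, `health-assistant-ui` and the bracketed image placeholders are assumptions.

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: health-assistant-api        # assumed name
  namespace: inference              # assumed namespace
spec:
  selector:
    matchLabels: { app: health-assistant-api }
  template:
    metadata:
      labels: { app: health-assistant-api }
    spec:
      # Spoofing / EoP: dedicated service account bound to a narrowly scoped IAM role (IRSA)
      serviceAccountName: health-assistant-api
      automountServiceAccountToken: false
      securityContext:
        runAsNonRoot: true
        seccompProfile: { type: RuntimeDefault }
      containers:
        - name: api
          # Tampering: pin by digest; an admission policy (e.g. Kyverno verifyImages) checks the signature
          image: <ACCOUNT_ID>.dkr.ecr.<REGION>.amazonaws.com/health-assistant/api@sha256:<DIGEST>
          ports: [{ containerPort: 8000 }]
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities: { drop: ["ALL"] }
          # DoS / EoP: hard ceilings so one runaway request cannot starve the node
          resources:
            requests: { cpu: "2", memory: "8Gi" }
            limits: { cpu: "4", memory: "16Gi" }
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: health-assistant-api-ingress
  namespace: inference
spec:
  podSelector:
    matchLabels: { app: health-assistant-api }
  policyTypes: [Ingress]
  ingress:
    # Only the Gradio UI pods (assumed label) may reach the API port; everything else is dropped
    - from:
        - podSelector:
            matchLabels: { app: health-assistant-ui }
      ports: [{ protocol: TCP, port: 8000 }]
```

The NetworkPolicy only takes effect when the cluster's CNI enforces policies (the Amazon VPC CNI needs network policy support enabled), so verify enforcement with a test pod before relying on it.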

Quotes:

  • "Are you interested in learning techniques for hardening container images, minimizing attack surfaces, and implementing secure container orchestration?"
  • "94% of executives say it's important to secure AI solutions before deployment, which is why we're talking to you today."
  • "The implications for spoofing include model hijacking, where attackers could gain control of the generative AI model and use it for malicious purposes."
  • "Tampering refers to the intentional introduction of malicious data into the training process of the AI model."
  • "Generative AI models can be vulnerable to data leaks and model extraction attacks."
  • "Denial of service is where resource exhaustion is experienced by denying service, and it usually happens at the network layer."
  • "Elevation of privileges entails authorization leakage and requires runtime controls."
  • "Kubernetes is celebrating 10 years, just four days ago, which is a good thing."
  • "The best part is it's been trained with the PubMed Central data, benchmarked across ten different general Q&A, and is multilingual."
  • "Please do reach out to your account teams to engage us and learn more than what we could cover in these 20 minutes."