Apple Details Its Private Cloud Compute System, Promises Stateless Computation and Verifiable Transparency

Apple Details Its Private Cloud Compute System, Promises Stateless Computation and Verifiable Transparency


Apple Intelligence took center stage at this year's Worldwide Developers Conference (WWDC) 2023, highlighting new artificial intelligence (AI) features that will debut with the upcoming iOS 18, iPadOS 18 and macOS Sequoia. During the event, the tech giant revealed that some of the processing of AI functions will be done on the device, and that more complex tasks will be handled by its Private Cloud Compute (PCC) system. Apple has also shared details of its PCC architecture and stated that there is a strong focus on data privacy and security.

Apple shares details of Private Cloud Compute

Craig Federighi, Apple's senior vice president of Software Engineering, said during the event, “Your data is never stored or made accessible to Apple.” While Apple Intelligence has created a sense of curiosity among many users, some have also seemed skeptical about the company's ability to live up to these claims. Among them was Elon Musk, CEO of Tesla, who posted on X (formerly known as Twitter): “It is patently absurd that Apple is not smart enough to create its own AI, but somehow it is able to guarantee that OpenAI will protect your security and privacy!” In particular, Apple has stated that it is using its internal AI models for both on-device and server-side computing.

Now, Apple has shed more light on how its Private Cloud Compute will work in a blog post. Explaining data security issues with traditional cloud servers, the tech giant said it is building a custom infrastructure with key changes to keep user data safe. There are three important pillars: stateless computation, non-targeting, and verifiable transparency.

Stateless computing from Private Cloud Compute

Traditionally, cloud servers have a simple workflow. The data is pinged to the servers where the cloud computers first log it with the user's credentials. This allows the servers to send the information back to the user after the task is executed. Cloud servers also store some or all of the data to provide to the user as a backup, in case the information is requested again (due to file corruption or accidental deletion). This also helps in cost optimization as the servers do not have to recalculate the data.

Instead, Apple said its Private Cloud Compute performs “stateless data processing” where the user's device sends data to PCC for the sole purpose of fulfilling the user's inference request . It also stated that user data remains on the server only until it is returned to the device, and “no user data is retained in any form after the response is returned.” The company added that user data is not preserved even through logging or debugging.

He also claimed that even Apple staff with privileged runtime access cannot bypass the stateless computation guarantee.

The non-targeting of Private Cloud Compute

Cloud servers also face external threats from hackers and bad actors trying to find vulnerabilities to break the system. Apple said it has developed two measures to defend user data from attackers.

First, the tech giant is using Apple's silicon protections and other connected hardware to ensure hardware attacks are rare. Because of Apple's experience in running cloud operations, it has developed hardware that reduces the possibility of cyber attacks. He also adds that any hardware attack at scale would be “prohibitively expensive and likely to be discovered.”

For small-scale attacks, Apple claims that its extensive revalidation in data centers (once data arrives and before it reaches cloud computers for processing) ensures hackers can't target a specific user

“To protect against smaller, more sophisticated attacks that might otherwise escape detection, Private Cloud Compute uses an approach we call target broadcasting to ensure that requests cannot be routed to specific nodes based on the user or their content,” the tech giant added.

Verifiable transparency of Private Cloud Compute

Finally, Apple invites security researchers to verify the end-to-end security and privacy measures of the Private Cloud Compute system. He stated that once PCC is released, it will make the software images of every production build of the cloud system publicly available for security research.

To further aid the investigation, Apple will release all Private Cloud Compute production software images for binary inspection of the operating system, applications, and other executable nodes. Researchers will be able to verify with transparency registry measurements. Researchers will receive rewards for finding flaws in the system.

Affiliate links may be automatically generated; see our ethics statement for more information.


Leave a Reply

Your email address will not be published. Required fields are marked *