Strengthening Edge AI Security via Differential Privacy and Hardware Level Trust Execution Environments for Sensitive Data Processing
Abstract
The proliferation of edge computing and artificial intelligence has catalyzed a transformative shift in decentralized data processing, allowing for real-time analytics and reduced latency in critical infrastructures. However, this migration of intelligence to the periphery introduces significant security vulnerabilities, particularly when handling sensitive personal or institutional data in hostile or unmanaged environments. This research paper explores a multi-layered security architecture that integrates Differential Privacy (DP) with hardware-level Trusted Execution Environments (TEEs) to fortify Edge AI deployments. By combining the mathematical guarantees of DP against inference attacks with the physical and architectural isolation provided by TEEs, we propose a robust framework for sensitive data processing. The study provides an in-depth system-level discussion on the structural trade-offs between computational overhead, data utility, and security guarantees. We analyze the governance implications of deploying such high-assurance systems in sectors like healthcare, finance, and smart city management, emphasizing the need for sustainable and resilient socio-technical infrastructures. Furthermore, the paper evaluates the deployment challenges inherent in heterogeneous edge landscapes and offers a forward-looking perspective on the policy frameworks required to support privacy-preserving autonomous systems. Through detailed conceptual analysis and cross-domain comparisons, this work demonstrates that the synergy between software-defined privacy and hardware-anchored trust is essential for the next generation of secure, fair, and robust Edge AI.
License
Copyright (c) 2026 International Journal of Artificial Intelligence Research
This article is published under the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.