Add initial Security and Privacy Considerations sections

First version based on initial PING review in #119 Fix #122
webmachinelearning · May 19, 2021 · 1055355 · 1055355
1 parent 45346b4
commit 1055355
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/index.bs b/index.bs
@@ -400,6 +400,27 @@ so that the application loads the tiny model in the case of CPU-only devices.
 
 A JavaScript ML framework is responsible for loading, interpreting and executing a ML model. During the model execution phase, the framework iterates through the operations of the model and executes each operation on the hardware device, like CPU, GPU or ML accelerator. To avoid the unnecessary data copying across devices, the framework selects the same device to execute the operations. For a compute intensive operation, such as convolution 2D or matrix multiplication, the framework uses WebNN API to execute it with the ML-specific acceleration available on that selected device.
 
+Security Considerations {#security}
+===================================
+
+This API is disabled by default in all cross-origin frames using the [[#permissions-policy-integration]]. This prevents third-party content from using this API unless the embedding page explicitly sets a policy that grants permission.
+
+This API allows creation of an {{MLContext}} from a {{GPUDevice}} or {{WebGLRenderingContext}} defined by WebGPU and WebGL specifications respectively. See <a href="https://gpuweb.github.io/gpuweb/#security">WebGPU Security Considerations</a> and <a href="https://www.khronos.org/registry/webgl/specs/latest/1.0/#4">WebGL Security Consideration</a> for more information regarding security characteristics of these contexts.
+
+Privacy Considerations {#privacy}
+===================================
+
+This API enhances privacy compared to cloud-based inference, since input data such as locally sourced images or video streams stay within the browser's sandbox.
+
+This API exposes the minimum amount of information necessary to address the identified [[#usecases]] for the best performance and reliability of results.
+
+No information from the underlying platform is exposed directly. An execution time analysis may reveal indirectly the performance of the underlying platform's neural network hardware acceleration capabilities relative to another underlying platform.
+
+Note: The group is <a href="https://github.com/webmachinelearning/webnn/issues/85">soliciting further input</a> on the proposed execution time analysis fingerprinting vector and will augment this section with more information and mitigations to inform the implementers of this API.
+
+Implementers of this API are expected to be familiar with the <a href="https://gpuweb.github.io/gpuweb/#security-privacy">WebGPU Privacy Considerations</a>.
+
+
 # Programming Model # {#programming-model}
 ## Timelines ## {#programming-model-timelines}