Welcome to your machine learning security journey with Azure! Together, we will explore all the methods and techniques to secure our AI projects and set a security baseline for our services. Let us start with a quick introduction to the machine learning (ML) life cycle and the Azure Machine Learning components and processes that go into working with ML in Azure. We will cover the essential knowledge you need to follow the concepts and implementations outlined in the rest of the book.

The next step will be to go through an example scenario, which we will reference throughout this book as the basis for applying the concepts of securing your data, models, workspace, and applications that use the deployed models from Azure Machine Learning. You can follow the instructions to re-create this scenario in your Azure Machine Learning environment to familiarize yourself with the Azure Machine Learning components.

Throughout this book, we will need a few things to apply the learnings and implementations. Each chapter will outline more details if needed, but the minimal resources we need are an Azure subscription and an Azure Machine Learning resource with its related services.

Azure subscription and resources

Throughout this book, we will reference the scenario presented in this section and other services and implementations in Azure. You will need an active Azure subscription and an Azure Machine Learning workspace to follow along or replicate the results.

If you don’t have an Azure subscription, you can activate a free trial by following this link: https://azure.microsoft.com/en-us/pricing/offers/ms-azr-0044p/.

If you run the project suggested in this chapter from end to end, it should not cost more than $150–$200 as long as you delete all associated resources afterward and use the lowest pricing tier of all services. However, this estimation...

No matter what technology or framework we choose to work with to develop our ML project, there are four phases we go through. Each stage has one or more steps, depending on the individual scenario. The ML life cycle is significant because it clearly outlines every project step. Then, it is easy to break the project into tasks and assign them to the person responsible because, usually, more than one role is involved in an ML project.

Let us review all the stages before we connect them to the components of Azure Machine Learning.

ML life cycle

In ML, we identify four stages: business understanding, data operations, model training, and model deployment. As shown in the following figure, these stages are part of an iterative process:

Figure 1.2 – ML life cycle

Let us go through each step of this iterative process and what it entails, starting with the business understanding stage and the gathering...

If you want to follow along with the implementation examples in this book, here is an example project to get you started. If you are already an expert in Azure Machine Learning, feel free to skip this introduction. This section will help beginners with the service or those in other roles to understand the ML life cycle in action. We will create a sample project that demonstrates how to import a dataset into Azure Machine Learning, how to use the Automated ML feature to train multiple models with multiple parameters, and deploy the resulting model as an endpoint to be used for predictions. The Automated ML feature was chosen as it does not require extensive data science expertise.

Log in to the Azure portal (https://portal.azure.com/) and look for Azure Machine Learning resource. From Overview, click on Studio web URL or the Launch Studio button to access your workspace, as seen in the following figure:

Figure 1.8 – Accessing...

The Zero Trust model is a security strategy based on the principle of Never trust, always verify. So, instead of assuming that our resources that are deployed behind a firewall are safe, the Zero Trust model assumes breach and every request needs to be verified as though it originates from an open network. The Zero Trust model is applied in cloud, on-premises, and hybrid environments. Implementing a Zero Trust security model can help organizations to reduce their overall attack surface, minimize the risk of data breaches, and improve their security posture by shifting from a perimeter-based security approach to a more comprehensive and adaptive security strategy.

Although Azure Machine Learning is a cloud service, the Zero Trust model still applies because a complete ML project spans across data, networks, infrastructure, and applications. We will go through an overview of the Zero Trust model. Then, we’ll use this knowledge to apply it to assess...

Part of assessing the vulnerabilities of Azure Machine Learning assets involves identifying potential security risks and then implementing appropriate measures to mitigate them.

Here, we will go through Azure Machine Learning components and their possible vulnerabilities. The implementation of security measures will be explained in greater detail in the rest of the book. The assessment is based on the Zero Trust defense areas.

The first step is identifying all the assets associated with Azure Machine Learning, such as data, models, and algorithms. That does not mean the Azure Machine Learning Studio only. Several services associated with Azure Machine Learning need to be checked. Once you have identified the assets, you should assess their potential risks, including unauthorized access, data breaches, and misuse.

It is important to remember that everything in Azure operates on top of cloud infrastructure, so it is helpful to...

In this chapter, we covered the basics of the ML life cycle and how it applies to Azure Machine Learning components. This knowledge is essential not only for data scientists and developers, but also for IT administrators and security engineers who are required to know the basics of ML development to ensure they can secure and monitor all associated services. For anyone wanting to get more familiar with Azure Machine Learning, you can always come back and recreate the scenario presented at the beginning as a base to follow along with the implementations and methods presented in the rest of the book’s chapters.

Together, we learned what the Zero Trust strategy is and how it can be applied to Azure Machine Learning components and their associated services to assess what needs to be secured. We will need Zero Trust, as the principles and the defense areas outlined in this strategy are the same ones we will use in our security implementations in the following chapters...

• Introduction to Azure Machine Learning: https://learn.microsoft.com/en-us/training/modules/intro-to-azure-ml
• Introduction to the Azure Machine Learning SDK: https://learn.microsoft.com/en-us/training/modules/intro-to-azure-machine-learning-service/
• Train an ML model with Azure Machine Learning: https://learn.microsoft.com/en-us/training/modules/train-local-model-with-azure-mls/
• Introduction to Zero Trust and best practice frameworks: https://learn.microsoft.com/en-us/training/modules/introduction-zero-trust-best-practice-frameworks/