The state-of-the-art face recognition systems are typically trained on a single computer, utilizing extensive image datasets collected from various number of users. However, these datasets often contain sensitive personal information that users may hesitate to disclose. To address potential privacy concerns, we explore the application of federated learning, both with and without secure aggregators, in the context of both supervised and unsupervised face recognition systems. Federated learning facilitates the training of a shared model without necessitating the sharing of individual private data, achieving this by training models on decentralized edge devices housing the data. In our proposed system, each edge device independently trains its own model, which is subsequently transmitted either to a secure aggregator or directly to the central server. To introduce diverse data without the need for data transmission, we employ generative adversarial networks to generate imposter data at the edge. Following this, the secure aggregator or central server combines these individual models to construct a global model, which is then relayed back to the edge devices. Experimental findings based on the CelebA datasets reveal that employing federated learning in both supervised and unsupervised face recognition systems offers dual benefits. Firstly, it safeguards privacy since the original data remains on the edge devices. Secondly, the experimental results demonstrate that the aggregated model yields nearly identical performance compared to the individual models, particularly when the federated model does not utilize a secure aggregator. Hence, our results shed light on the practical challenges associated with privacy-preserving face image training, particularly in terms of the balance between privacy and accuracy.

翻译：当前最先进的人脸识别系统通常部署于单一计算机上，利用从众多用户中收集的广泛图像数据集进行训练。然而，这些数据集往往包含用户可能不愿透露的敏感个人信息。为解决潜在的隐私问题，我们探索了在监督式与非监督式人脸识别系统中，使用或不使用安全聚合器的联邦学习应用。联邦学习能够在不要求共享个体私有数据的前提下，通过在持有数据的分布式边缘设备上训练模型，实现共享模型的构建。在所提出的系统中，每个边缘设备独立训练其自身模型，随后将该模型传输至安全聚合器或直接发送至中央服务器。为无需传输数据即可引入多样化数据，我们采用生成对抗网络在边缘生成伪数据。此后，安全聚合器或中央服务器将这些独立模型整合为全局模型，再将其回传至边缘设备。基于CelebA数据集的实验结果表明，在监督式与非监督式人脸识别系统中采用联邦学习具有双重优势：首先，由于原始数据保留在边缘设备上，有效保护了隐私；其次，实验证明聚合模型的性能与各独立模型几乎一致，尤其在未使用安全聚合器的联邦模型情境下。因此，我们的研究揭示了隐私保护人脸图像训练中的实际挑战，特别是隐私与准确性之间的平衡问题。