My team is working on a Software solution that relies on OpenVino's Inference Engine to accelerate the execution of a CNN. So far, we haven't found a way of distributing the CNN's topology in an obfuscated way (without having to ship the <network>.xml file together with the application).
Is there an alternative to CNNNetReader that can load a binary (or obfuscated) version of <network>.xml?
Could you elaborate a bit more on exact requirements that you would like to achieve? I.e. would you like to encrypt just xml, both xml and weights? Is there a need for a protection of model in case of stealing it from host that has it installed?
Precisely! We are trying to protect the model from being re-used (or reverse engineered) by a third party. We thought about obfuscation at first, but if you would have a way to encrypt both xml and weights, even better.
We are being pressured to prepare a releasable version of our software, and we still don't have any solution for this.
Our end goal is to have our network (and weights) encrypted, but for now, is there anything you can give us to at least protect the network's topology?
Please take this request with urgency.
There is a ReadNetwork from buffer method:
Parses the topology part of the IR (.xml) given the xml as a buffer This method can be called once only to read network. If you need to read another network instance then create new reader instance.
Is this what you need? to read topology from memory so you can encrypt the topology file and decrypt it in memory?