MLSEC-12: Restrict access to intended legitimate consumers

Use secure inference API endpoints - Host the model so that a consumer of the model can perform inference against it securely. Enable consumers using the API to define the relationship, restrict access to the base model, and provide monitoring of model interactions.

Secure inference endpoints - Only authorized parties should make inferences against the ML model. Treat inference endpoints as you would any other HTTPS API. Ensure that you follow guidance from the AWS Well-Architected Framework to provide network controls, such as restricting access to specific IP ranges, and bot control. The HTTPS requests for these API calls should be signed, so that the requester identity can be verified, and the requested data is protected in transit.

Amazon SageMaker AI: Real-time Inference

Give SageMaker AI Hosted Endpoints Access to Resources in Your Amazon VPC

Register and Deploy Models with Model Registry

Integrating machine learning models into your Java-based microservices

How Financial Institutions can use AWS to Address Regulatory Reporting

Secure deployment of Amazon SageMaker AI resources

AWS re:Invent 2019: End-to-End machine learning using Spark and Amazon SageMaker AI

Amazon SageMaker AI secure MLOps

Accelerating Machine Learning Development with Data Science as a Service from Change Healthcare