Abstract
Instruction tuning has proven effective in enhancing Large Language Models'(LLMs) performance on downstream tasks. However, real-world fine-tuning facesinherent conflicts between model providers' intellectual property protection,clients' data privacy requirements, and tuning costs. While recent approacheslike split learning and offsite tuning demonstrate promising architectures forprivacy-preserving fine-tuning, there is a gap in systematically addressing themultidimensional trade-offs required for diverse real-world deployments. Wepropose several indicative evaluation metrics to guide design trade-offs forprivacy-preserving fine-tuning and a series of example designs, collectivelynamed GuardedTuning; they result from novel combinations of systemarchitectures with adapted privacy-enhancement methods and emerging computationtechniques. Each design represents distinct trade-offs across model utility,privacy guarantees, and costs. Experimental results demonstrate that thesedesigns protect against data reconstruction attacks while maintainingcompetitive fine-tuning performance.