Selective and private access to outsourced data centers

The advancements in the Information Technology and the rapid diffusion of novel computing paradigms have accelerated the trend of moving data to the cloud. Public and private organizations are more often outsourcing their data centers to the cloud for economic and/or performance reasons, thus making data confidentiality an essential requirement. A basic technique for protecting data confidentiality relies on encryption: data are encrypted by the owner before their outsourcing. Encryption however complicates both the query evaluation and enforcement of access restrictions to outsourced data. In this chapter, we provide an overview of the issues and techniques related to the support of selective and private access to outsourced data in a scenario where the cloud provider is trusted for managing the data but not for reading their content. We therefore illustrate methods for enforcing access control and for efficiently and privately executing queries (at the server side) over encrypted data. We also show how the combined adoption of approaches supporting access control and for efficient query evaluation may cause novel privacy issues that need to be carefully handled

Data security issues in cloud scenarios

The amount of data created, stored, and processed has enormously increased in the last years. Today, millions of devices are connected to the Internet and generate a huge amount of (personal) data that need to be stored and processed using scalable, efficient, and reliable computing infrastructures. Cloud computing technology can be used to respond to these needs. Although cloud computing brings many benefits to users and companies, security concerns about the cloud still represent the major impediment for its wide adoption. We briefly survey the main challenges related to the storage and processing of data in the cloud. In particular, we focus on the problem of protecting data in storage, supporting fine-grained access, selectively sharing data, protecting query privacy, and verifying the integrity of computations

Androgen Receptor Targeted Conjugate for Bimodal Photodynamic Therapy of Prostate Cancer in Vitro

Prostate cancer (PC) represents the most common type of cancer among males and is the second leading cause of cancer death in men in Western society. Current options for PC therapy remain unsatisfactory, since they often produce uncomfortable long-term side effects, such as impotence (70%) and incontinence (5\u201320%) even in the first stages of the disease. Light-triggered therapies, such as photodynamic therapy, have the potential to provide important advances in the treatment of localized and partially metastasized prostate cancer. We have designed a novel molecular conjugate (DR2) constituted of a photosensitizer (pheophorbide a, Pba), connected to a nonsteroidal anti-androgen molecule through a small pegylated linker. This study aims at investigating whether DR2 represents a valuable approach for PC treatment based on light-induced production of single oxygen and nitric oxide (NO) in vitro. Besides being able to efficiently bind the androgen receptor (AR), the 2-trifluoromethylnitrobenzene ring on the DR2 backbone is able to release cytotoxic NO under the exclusive control of light, thus augmenting the general photodynamic effect. Although DR2 is similarly internalized in cells expressing different levels of androgen receptor, the AR ligand prevents its efflux through the ABCG2-pump. In vitro phototoxicity experiments demonstrated the ability of DR2 to kill cancer cells more efficiently than Pba, while no dark toxicity was observed. Overall, the presented approach is very promising for further development of AR-photosensitizer conjugates in the multimodal photodynamic treatment of prostate cancer

Encryption and Fragmentation for Data Confidentiality in the Cloud

Cloud computing has emerged as a successful paradigm allowing individual users as well as companies to resort to external providers for storing/processing data or making them available to others. Together with the many benefits, cloud computing introduces however new security and privacy risks. A major issue is that the data owner, storing data at external providers, loses control over them, leaving them potentially exposed to improper access, use, or dissemination. In this chapter, we consider the problem of protecting confidentiality of sensitive information when relying on external cloud providers for storing and processing data. We introduce confidentiality requirements and then illustrate encryption and data fragmentation as possible protection techniques. In particular, we discuss different approaches that have been proposed using encryption (with indexing) and fragmentation, either by themselves or in combination, to satisfy confidentiality requirements