Mycobacterium tuberculosis Drives Expansion of Low-Density Neutrophils Equipped With Regulatory Activities

In human tuberculosis (TB) neutrophils represent the most commonly infected phagocyte but their role in protection and pathology is highly contradictory. Moreover, a subset of low-density neutrophils (LDNs) has been identified in TB, but their functions remain unclear. Here, we have analyzed total neutrophils and their low-density and normal-density (NDNs) subsets in patients with active TB disease, in terms of frequency, phenotype, functional features, and gene expression signature. Full-blood counts from Healthy Donors (H.D.), Latent TB infected, active TB, and cured TB patients were performed. Frequency, phenotype, burst activity, and suppressor T cell activity of the two different subsets were assessed by flow cytometry while NETosis and phagocytosis were evaluated by confocal microscopy. Expression analysis was performed by using the semi-quantitative RT-PCR array technology. Elevated numbers of total neutrophils and a high neutrophil/lymphocyte ratio distinguished patients with active TB from all the other groups. PBMCs of patients with active TB disease contained elevated percentages of LDNs compared with those of H.D., with an increased expression of CD66b, CD33, CD15, and CD16 compared to NDNs. Transcriptomic analysis of LDNs and NDNs purified from the peripheral blood of TB patients identified 12 genes differentially expressed: CCL5, CCR5, CD4, IL10, LYZ, and STAT4 were upregulated, while CXCL8, IFNAR1, NFKB1A, STAT1, TICAM1, and TNF were downregulated in LDNs, as compared to NDNs. Differently than NDNs, LDNs failed to phagocyte live Mycobacterium tuberculosis (M. tuberculosis) bacilli, to make oxidative burst and NETosis, but caused significant suppression of antigen-specific and polyclonal T cell proliferation which was partially mediated by IL-10. These insights add a little dowel of knowledge in understanding the pathogenesis of human TB

Dynamic Allocation for Resource Protection in Decentralized Cloud Storage

Decentralized Cloud Storage (DCS) networks represent an interesting solution for data storage and management. DCS networks rely on the voluntary effort of a considerable number of (possibly untrusted) nodes, which may dynamically join and leave the network at any time. To profitably rely on DCS for data storage, data owners therefore need solutions that guarantee confidentiality and availability of their data. In this paper, we present an approach enabling data owners to keep data confidentiality and availability under control, limiting the owners intervention with corrective actions when availability or confidentiality is at risk. Our approach is based on the combined adoption of AONT (All-Or-Nothing-Transform) and fountain codes. It provides confidentiality of outsourced data also against malicious coalitions of nodes, and guarantees data availability even in case of node failures. Our experimental evaluation clearly shows the benefits of using fountain codes with respect to other approaches adopted by current DCS networks

Multi-Provider Secure Processing of Sensors Data

We describe the implementation of an approach for supporting secure query processing over sensors data in a multi-provider scenario. Our solution relies on the definition of authorizations regulating access to data according to three different visibility levels (no visibility, encrypted visibility, and plaintext visibility). Data processing is performed by multiple providers based on the restrictions imposed by authorizations, which may require to adjust data visibility on the fly. We describe the structure of the query optimizer and show how the operations of a computation can be assigned to different cloud providers to build an efficient, secure, and economical plan for collaborative data processing

Functional and clinical implications of genetic structure in 1686 Italian exomes

To reconstruct the phenotypical and clinical implications of the Italian genetic structure, we thoroughly analyzed a whole-exome sequencing data set comprised of 1686 healthy Italian individuals. We found six previously unreported variants with remarkable frequency differences between Northern and Southern Italy in the HERC2, OR52R1, ADH1B, and THBS4 genes. We reported 36 clinically relevant variants (submitted as pathogenic, risk factors, or drug response in ClinVar) with significant frequency differences between Italy and Europe. We then explored putatively pathogenic variants in the Italian exome. On average, our Italian individuals carried 16.6 protein-truncating variants (PTVs), with 2.5% of the population having a PTV in one of the 59 American College of Medical Genetics (ACMG) actionable genes. Lastly, we looked for PTVs that are likely to cause Mendelian diseases. We found four heterozygous PTVs in haploinsufficient genes (KAT6A, PTCH1, and STXBP1) and three homozygous PTVs in genes causing recessive diseases (DPYD, FLG, and PYGM). Comparing frequencies from our data set to other public databases, like gnomAD, we showed the importance of population-specific databases for a more accurate assessment of variant pathogenicity. For this reason, we made aggregated frequencies from our data set publicly available as a tool for both clinicians and researchers (http://nigdb.cineca.it; NIG-ExIT)

Securing Resources in Decentralized Cloud Storage

Decentralized Cloud Storage services represent a promising opportunity for a different cloud market, meeting the supply and demand for IT resources of an extensive community of users. The dynamic and independent nature of the resulting infrastructure introduces security concerns that can represent a slowing factor towards the realization of such an opportunity, otherwise clearly appealing and promising for the expected economic benefits. In this paper, we present an approach enabling resource owners to effectively protect and securely delete their resources while relying on decentralized cloud services for their storage. Our solution combines All-Or-Nothing-Transform for strong resource protection, and carefully designed strategies for slicing resources and for their decentralized allocation in the storage network. We address both availability and security guarantees, jointly considering them in our model and enabling resource owners to control their setting

Distributed Shuffle Index in the Cloud: Implementation and Evaluation

The distributed shuffle index strengthens the guarantees of access confidentiality provided by the shuffle index through the distribution of data among three cloud providers. In this paper, we analyze architectural and design issues and describe an implementation of the distributed shuffle index integrated with different cloud providers (i.e., Amazon S3, OpenStack Swift, Google Cloud Storage, and EMC Elastic Cloud Storage). The experimental results obtained with our implementation confirm the protection guarantees provided by the distributed shuffle index and its limited performance overhead, demonstrating its practical applicability in cloud scenarios

Access Control Management for Secure Cloud Storage

With the widespread success and adoption of cloud-based solutions, we are witnessing an ever increasing reliance on external providers for storing and managing data. This evolution is greatly facilitated by the availability of solutions - typically based on encryption - ensuring the confidentiality of externally outsourced data against the storing provider itself. Selective application of encryption (i.e., with different keys depending on the authorizations holding on data) provides a convenient approach to access control policy enforcement. Effective realization of such policy-based encryption entails addressing several problems related to key management, access control enforcement, and authorization revocation, while ensuring efficiency of access and deployment with current technology. We present the design and implementation of an approach to realize policy-based encryption for enforcing access control in OpenStack Swift. We also report experimental results evaluating and comparing different implementation choices of our approach

Mix&Slice: efficient access revocation in the Cloud

We present an approach to enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. The extensive experimental evaluation on a variety of configurations confirmed the effectiveness and efficiency of our solution, which showed excellent performance and compatibility with several implementation strategies

Protecting resources and regulating access in cloud-based object storage

Cloud storage services offer a variety of benefits that make them extremely attractive for the management of large amounts of data. These services, however, raise some concerns related to the proper protection of data that, being stored on servers of third party cloud providers, are no more under the data owner control. The research and development community has addressed these concerns by proposing solutions where encryption is adopted not only for protecting data but also for regulating accesses. Depending on the trust assumption on the cloud provider offering the storage service, encryption can be applied at the server side, client side, or through an hybrid approach. The goal of this chapter is to survey these encryption-based solutions and to provide a description of some representative systems that adopt such solutions