Secure information sharing on Decentralized Social Networks.

Decentralized Social Networks (DSNs) are web-based platforms built on distributed systems (federations) composed of multiple providers (pods) that run the same social networking service. DSNs have been presented as a valid alternative to Online Social Networks (OSNs), replacing the centralized paradigm of OSNs with a decentralized distribution of the features o\u21b5ered by the social networking platform. Similarly to commercial OSNs, DSNs o\u21b5er to their subscribed users a number of distinctive features, such as the possibility to share resources with other subscribed users or the possibility to establish virtual relationships with other DSN users. On the other hand, each DSN user takes part in the service, choosing to store personal data on his/her own trusted provider inside the federation or to deploy his/her own provider on a private machine. This, thus, gives each DSN user direct control of his/hers data and prevents the social network provider from performing data mining analysis over these information. Unfortunately, the deployment of a personal DSN pod is not as simple as it sounds. Indeed, each pod\u2019s owner has to maintain the security, integrity, and reliability of all the data stored in that provider. Furthermore, given the amount of data produced each day in a social network service, it is reasonable to assume that the majority of users cannot a\u21b5ord the upkeep of an hardware capable of handling such amount of information. As a result, it has been shown that most of DSN users prefer to subscribe to an existing provider despite setting up a new one, bringing to an indirect centralization of data that leads DSNs to su\u21b5er of the same issues as centralized social network services. In order to overcome this issue in this thesis we have investigated the possibility for DSN providers to lean on modern cloud-based storage services so as to o\u21b5er a cloudbased information sharing service. This has required to deal with many challenges. As such, we have investigated the definition of cryptographic protocols enabling DSN users to securely store their resources in the public cloud, along with the definition of communication protocols ensuring that decryption keys are distributed only to authorized users, that is users that satisfy at least one of the access control policies specified by data owner according to Relationship-based access control model (RelBAC) [20, 34]. In addition, it has emerged that even DSN users have the same difficulties as OSN users in defining RelBAC rules that properly express their attitude towards their own privacy. Indeed, it is nowadays well accepted that the definition of access control policies is an error-prone task. Then, since misconfigured RelBAC policies may lead to harmful data release and may expose the privacy of others as well, we believe that DSN users should be assisted in the RelBAC policy definition process. At this purpose, we have designed a RelBAC policy recommendation system such that it can learn from DSN users their own attitude towards privacy, and exploits all the learned data to assist DSN users in the definition of RelBAC policies by suggesting customized privacy rules. Nevertheless, despite the presence of the above mentioned policy recommender, it is reasonable to assume that misconfigured RelBAC rules may appear in the system. However, rather than considering all misconfigured policies as leading to potentially harmful situations, we have considered that they might even lead to an exacerbated data restriction that brings to a loss of utility to DSN users. As an example, assuming that a low resolution and an high resolution version of the same picture are uploaded in the network, we believe that the low-res version should be granted to all those users who are granted to access the hi-res version, even though, due to a misconfiurated system, no policy explicitly authorizes them on the low-res picture. As such, we have designed a technique capable of exploiting all the existing data dependencies (i.e., any correlation between data) as a mean for increasing the system utility, that is, the number of queries that can be safely answered. Then, we have defined a query rewriting technique capable of extending defined access control policy authorizations by exploiting data dependencies, in order to authorize unauthorized but inferable data. In this thesis we present a complete description of the above mentioned proposals, along with the experimental results of the tests that have been carried out so as to verify the feasibility of the presented techniques

Secure information sharing on Decentralized Social Networks.

Decentralized Social Networks (DSNs) are web-based platforms built on distributed systems (federations) composed of multiple providers (pods) that run the same social networking service. DSNs have been presented as a valid alternative to Online Social Networks (OSNs), replacing the centralized paradigm of OSNs with a decentralized distribution of the features o↵ered by the social networking platform. Similarly to commercial OSNs, DSNs o↵er to their subscribed users a number of distinctive features, such as the possibility to share resources with other subscribed users or the possibility to establish virtual relationships with other DSN users. On the other hand, each DSN user takes part in the service, choosing to store personal data on his/her own trusted provider inside the federation or to deploy his/her own provider on a private machine. This, thus, gives each DSN user direct control of his/hers data and prevents the social network provider from performing data mining analysis over these information. Unfortunately, the deployment of a personal DSN pod is not as simple as it sounds. Indeed, each pod’s owner has to maintain the security, integrity, and reliability of all the data stored in that provider. Furthermore, given the amount of data produced each day in a social network service, it is reasonable to assume that the majority of users cannot a↵ord the upkeep of an hardware capable of handling such amount of information. As a result, it has been shown that most of DSN users prefer to subscribe to an existing provider despite setting up a new one, bringing to an indirect centralization of data that leads DSNs to su↵er of the same issues as centralized social network services. In order to overcome this issue in this thesis we have investigated the possibility for DSN providers to lean on modern cloud-based storage services so as to o↵er a cloudbased information sharing service. This has required to deal with many challenges. As such, we have investigated the definition of cryptographic protocols enabling DSN users to securely store their resources in the public cloud, along with the definition of communication protocols ensuring that decryption keys are distributed only to authorized users, that is users that satisfy at least one of the access control policies specified by data owner according to Relationship-based access control model (RelBAC) [20, 34]. In addition, it has emerged that even DSN users have the same difficulties as OSN users in defining RelBAC rules that properly express their attitude towards their own privacy. Indeed, it is nowadays well accepted that the definition of access control policies is an error-prone task. Then, since misconfigured RelBAC policies may lead to harmful data release and may expose the privacy of others as well, we believe that DSN users should be assisted in the RelBAC policy definition process. At this purpose, we have designed a RelBAC policy recommendation system such that it can learn from DSN users their own attitude towards privacy, and exploits all the learned data to assist DSN users in the definition of RelBAC policies by suggesting customized privacy rules. Nevertheless, despite the presence of the above mentioned policy recommender, it is reasonable to assume that misconfigured RelBAC rules may appear in the system. However, rather than considering all misconfigured policies as leading to potentially harmful situations, we have considered that they might even lead to an exacerbated data restriction that brings to a loss of utility to DSN users. As an example, assuming that a low resolution and an high resolution version of the same picture are uploaded in the network, we believe that the low-res version should be granted to all those users who are granted to access the hi-res version, even though, due to a misconfiurated system, no policy explicitly authorizes them on the low-res picture. As such, we have designed a technique capable of exploiting all the existing data dependencies (i.e., any correlation between data) as a mean for increasing the system utility, that is, the number of queries that can be safely answered. Then, we have defined a query rewriting technique capable of extending defined access control policy authorizations by exploiting data dependencies, in order to authorize unauthorized but inferable data. In this thesis we present a complete description of the above mentioned proposals, along with the experimental results of the tests that have been carried out so as to verify the feasibility of the presented techniques

Exploiting magnetic properties of Fe doping in zirconia

In this study we explore, both from theoretical and experimental side, the effect of Fe doping in ZrO2 (ZrO2:Fe). By means of first principles simulation we study the magnetization density and the magnetic interaction between Fe atoms. We also consider how this is affected by the presence of oxygen vacancies and compare our findings with models based on impurity band and carrier mediated magnetic interaction. Experimentally thin films (~ 20 nm) of ZrO2:Fe at high doping concentration are grown by atomic layer deposition. We provide experimental evidence that Fe is uniformly distributed in the ZrO2 by transmission electron microscopy and energy dispersive X-ray mapping, while X-ray diffraction evidences the presence of the fluorite crystal structure. Alternating gradient force magnetometer measurements show magnetic signal at room temperature, however with low magnetic moment per atom. Results from experimental measures and theoretical simulations are compared.Comment: 8 pages, 9 figures. JEMS 201

The Italian National Project of Astrobiology-Life in Space-Origin, Presence, Persistence of Life in Space, from Molecules to Extremophiles

The \u2018\u2018Life in Space\u2019\u2019 project was funded in the wake of the Italian Space Agency\u2019s proposal for the development of a network of institutions and laboratories conceived to implement Italian participation in space astrobiology experiments

Colorectal Cancer Stage at Diagnosis Before vs During the COVID-19 Pandemic in Italy

IMPORTANCE Delays in screening programs and the reluctance of patients to seek medical attention because of the outbreak of SARS-CoV-2 could be associated with the risk of more advanced colorectal cancers at diagnosis. OBJECTIVE To evaluate whether the SARS-CoV-2 pandemic was associated with more advanced oncologic stage and change in clinical presentation for patients with colorectal cancer. DESIGN, SETTING, AND PARTICIPANTS This retrospective, multicenter cohort study included all 17 938 adult patients who underwent surgery for colorectal cancer from March 1, 2020, to December 31, 2021 (pandemic period), and from January 1, 2018, to February 29, 2020 (prepandemic period), in 81 participating centers in Italy, including tertiary centers and community hospitals. Follow-up was 30 days from surgery. EXPOSURES Any type of surgical procedure for colorectal cancer, including explorative surgery, palliative procedures, and atypical or segmental resections. MAIN OUTCOMES AND MEASURES The primary outcome was advanced stage of colorectal cancer at diagnosis. Secondary outcomes were distant metastasis, T4 stage, aggressive biology (defined as cancer with at least 1 of the following characteristics: signet ring cells, mucinous tumor, budding, lymphovascular invasion, perineural invasion, and lymphangitis), stenotic lesion, emergency surgery, and palliative surgery. The independent association between the pandemic period and the outcomes was assessed using multivariate random-effects logistic regression, with hospital as the cluster variable. RESULTS A total of 17 938 patients (10 007 men [55.8%]; mean [SD] age, 70.6 [12.2] years) underwent surgery for colorectal cancer: 7796 (43.5%) during the pandemic period and 10 142 (56.5%) during the prepandemic period. Logistic regression indicated that the pandemic period was significantly associated with an increased rate of advanced-stage colorectal cancer (odds ratio [OR], 1.07; 95%CI, 1.01-1.13; P = .03), aggressive biology (OR, 1.32; 95%CI, 1.15-1.53; P < .001), and stenotic lesions (OR, 1.15; 95%CI, 1.01-1.31; P = .03). CONCLUSIONS AND RELEVANCE This cohort study suggests a significant association between the SARS-CoV-2 pandemic and the risk of a more advanced oncologic stage at diagnosis among patients undergoing surgery for colorectal cancer and might indicate a potential reduction of survival for these patients

Privacy settings recommender for Online Social Network

In recent years Relationship Based Access Control (ReBAC) has become the reference paradigm for controlled information sharing in Online Social Network (OSN) scenarios. Nevertheless, many of the most popular OSN providers do not implement in their platforms an access control model fully compliant with ReBAC. This fact, thus, limits the capability of OSN users to define customized and fine-grained access control policies. Moreover, average users might have difficulties in properly setting, potentially, complex access control policies. As results, many users give up in defining proper privacy setting, simply accepting the default setting proposed by OSN provider. To cope with this problem, we see the need of tools in support of policy specification. At this aim, in this paper we present a recommendation system that, exploiting an association rules mining process, learns OSN users' habits in releasing resources in online social networks, and exploit them to suggest customized access control policies. We also prove the feasibility of the presented techniques by illustrating an experiment which has been conducted on 30 human users by building customized access control policies from the data learnt from each of them

Diffusion-Based Sound Source Localization Using Networks of Planar Microphone Arrays

In this work, we propose a novel approach for distributed 3D sound source localization and tracking based on networks of planar microphone arrays, each of which estimates a 2D Direction Of Arrival (DOA). The proposed method is computationally distributed and eliminates the need for a specialized node to collect and process all information. Sound source localization is achieved by considering the task as a distributed optimization problem approached using the Adapt Then Combine (ATC) diffusion technique. This approach also allows the development of cooperation strategies between sensor nodes (i.e., microphone arrays). We propose the use of a cooperation strategy that improves the localization accuracy by exploiting the estimated error statistics of each sensor node and penalizing the noisy arrays. We then evaluate the proposed approach in terms of localization accuracy and robustness to noisy sensor measurements

An extended access control mechanism exploiting data dependencies

In general, access control mechanisms in DBMSs ensure that users access only those portions of data for which they have authorizations, according to a predefined set of access control policies. However, it has been shown that access control mechanisms might be not enough. A clear example is the inference problem due to functional dependencies, which might allow a user to discover unauthorized data by exploiting authorized data. In this paper, we wish to investigate data dependencies (e.g., functional dependencies, foreign key constraints, and knowledge-based implications) from a different perspective. In particular, the aim was to investigate data dependencies as a mean for increasing the DBMS utility, that is, the number of queries that can be safely answered, rather than as channels for releasing sensitive data. We believe that, under given circumstances, this unauthorized release may give more benefits than issues. As such, we present a query rewriting technique capable of extending defined access control policies by exploiting data dependencies, in order to authorize unauthorized but inferable data