This is the top of the page.
Displaying present location in the site.
  1. Home
  2. About NEC
  3. Research and Development @NEC Laboratories Europe
  4. Research Areas
  5. Security
Main content starts here.


Ensuring security, privacy and trust in new products and services is essential for customers and society to accept new technology. We address practical security and privacy problems arising from current and future systems, which require an understanding of the underlying fundamental security and privacy approaches. Thereby, we need to take into account a radically changed threat scenario and new threat models.

Cloud Security

Cloud storage, processing and services enable enterprises and users to extend their capabilities well beyond their capabilities in-house and to radically cut costs. However, outsourcing potentially endangers private and enterprise data and assets as well as the personal information of citizens. We develop cryptographic primitives, such as functional encryption and multi-party computation and security protocols to ensure these systems operate efficiently, reliably and with minimum data disclosure.

Verifiable Devices

The number of devices connected to the Internet is growing rapidly. Most devices are not well protected when deployed in unsupervised environments. Often devices are used in security-critical applications, such as public safety or protection of critical infrastructure. We protect these devices by providing algorithms and protocols that enable these security features. This data can now be used to prove providence, integrity and even non-repudiation in systems where accurate data is crucial.

SDN Security

Software Defined Networking (SDN) is the future technology for data centres and carrier networks. The security implications of SDN are much less understood than for traditional networks. Future networks with a federation of SDN networks and the use of third party applications on the controller introduce new threats to the system. We develop new access control mechanisms for SDN to ensure a tight and fine-granular control of all aspects of the system.  This research area also looks at the benefits of introducing SDN in datacentres and for cloud security.


  • SEP 2013: NEC started the SMARTIE project developing secure data management for smart cities, funded by the EC under contract 609062.



  • Arthur Gervais, Ghassan Karame, Karl Wuest, Vasileios Glykantzis, Hubert, Ritzdorf, Srdjan Capkun
    On the Security and Performance of Proof of Work Blockchain
    In Proceedings of the ACM Conference on Computer and Communications Security (ACM CCS), 2016 (to appear).
  • Frederik Armknecht, Ludovic Barman, Jens-Matthias Bohli, Ghassan Karame
    Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud
    In Proceedings of the USENIX Security Symposium (USENIX Security), 2016 (to appear).
  • Heng Cui, Ghassan Karame, Felix Klaetdke, Roberto Bifulco
    On the Fingerprinting of Software-defined Networks
    In IEEE Transactions on Information Forensics & Security (IEEE TIFS), 2016.
  • David Basin, Germano Carroni, Sarah Ereth, Matus Harvan, Felix Klaedtke, and Heiko Mantel.
    Scalable Offline Monitoring of Temporal Properties.
    Accepted for publication at Formal Methods in System Design, 2016.


  • Tassos Dimitriou, Ghassan Karame
    Enabling Anonymous Authorization and Rewarding in the Smart Grid
    In IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), 2015.
  • Frederik Armknecht, Jens-Matthias Bohli, Ghassan Karame, Franck Youssef
    Transparent Data Deduplication in the Cloud
    In Proceedings of the ACM Conference on Computer and Communications Security (ACM CCS), 2015.
  • Arthur Gervais, Hubert Ritzdorf, Ghassan Karame, Srdjan Capkun
    Tampering with the Delivery of Blocks and Transactions in Bitcoin
    In Proceedings of the ACM Conference on Computer and Communications Security (ACM CCS), 2015.
  • David Basin, Felix Klaedtke, Samuel Mueller, and Eugen Zalinescu.
    Monitoring Metric First-order Temporal Properties.
    Journal of the ACM, Volume 62, Issue 2, 2015.
  • David Basin, Felix Klaedtke, and Eugen Zalinescu.
    Failure-aware Runtime Verification of Distributed Systems.
    In the Proceedings of the 35th International Conference on Foundations of Software Technology and Theoretical Computer Science, 2015.


  • Frederik Armknecht, Jens-Matthias Bohli, Ghassan O. Karame, Zongren Liu, Christian A. Reuter. Outsourced Proofs of Retrievability. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, 2014.
  • Ghassan Karame, Aurelien Francillon, Victor Budilivschi, Srdjan Capkun, Vedran Capkun. Microcomputations as Micropayments in Web-based Services. In ACM Transactions on Internet Technology (TOIT), 2014.
  • Jens-Matthias Bohli, Dan Dobre, Ghassan O. Karame, Wenting Li. PrivLoc: Preventing Location Tracking in Geofencing Services. TRUST 2014


  • Dan Dobre, Ghassan Karame, Wenting Li, Matthias Majuntke, Neeraj Suri, Marko Vukolic. PoWerStore: Proofs of Writing for Efficient and Robust Storage. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, 2013.
  • Jens-Matthias Bohli, Nils Gruschka, Meiko Jensen, Luigi Lo Iacono, and Ninja Marnau. Security and Privacy Enhancing Multi-Cloud Architectures. In IEEE Transactions on dependable and secure computing, vol. 10(4):212-224, 2013.
  • Félix Gómez Mármol, Christoph Sorge, Ronald Petrlic, Osman Ugus, Dirk Westhoff, Gregorio Martínez Pérez, "Privacy enhanced architecture for smart metering", International Journal of Information Security, vol. 12, no. 2, pp. 67-82, 2013

Top of this page