Ghassan Karame(PhD in Computer Science/Manager and Chief Researcher, Security Group/NEC Laboratories Europe)
September 28, 2018
Blockchain and IoT security: important technology for safer society
I am the manager and chief researcher of the security group here at NEC Labs in Germany. Our security group deals with a wide range of research topics regarding system security, including cloud security, IoT security, and most importantly, blockchain security. I oversee all aspects of system security research, and my current focus is on IoT security and blockchain security.
Many people think of security as a commodity, and they design their services and products without caring much about security, but I think security is one of the most important aspects of our everyday life, and what we do has a huge impact on human life.
For instance, when you leave your house, you would definitely lock your door for security. You need to do the same online to protect your assets and resources, as our society is growing to be more and more digital, and our businesses are becoming more and more online.
NEC is a major player when it comes to system security, and has been contributing to the research to make our society more secure, and as a result our citizens, customers, and stakeholders of various businesses have been benefited from it.
Besides my researches at NEC, I teach courses at various universities both in and outside of Germany. I enjoy educating young people about various subjects including benefits of designing security protocols, the pitfalls of running applications without security, and raising awareness on the subject. I also participate in giving talks to raise awareness on the pitfalls of misuse of technology including blockchain and IoT.
It's also a great pleasure that I am able to disseminate the research experience and the research outcomes that I've harnessed all these years through various media. Thanks to the support by NEC Lab, I recently published a book about Bitcoin and blockchain security, which was a great experience.
I am also an active member of various professional organizations such as IEEE, and the ACM, which are leading organizations in the field of engineering and computer science. I review other's works at various security conferences, and make sure that the community's research output is decent and healthy.
Focus on researches on blockchain and IoT security
I am currently working on blockchain security, and IoT security. In terms of blockchain, we are building technology that's secure and one of the fastest in the world. Our goal is to be able to match the performance of centralized services utilized by major credit card companies. Unfortunately, existing blockchain systems cannot handle the performance at such high speed. So our major goal here is to be able to have technology that can still handle a very large number of transactions per second without hampering security.
The other challenge that we are trying to overcome is IoT security. This is a complex issue as we are working with devices that are made by different manufacturer, run on different operating system, and use different processes and software. As more and more devices are connected to internet, they can be more vulnerable to various threats, and we need to come up with security systems that perform well on all of these devices.
Security is a large field of study, and actually quite interdisciplinary. It requires full understanding of the system itself and beyond, including how the devices work, how it's being deployed, by whom it's being used, and how it's used. It also takes many years of study, experience and discussions with customers to obtain the knowledge and expertise needed. Only when you have proper understanding of all of them, you can devise solutions and security protocols that would protect various resources and assets in these systems.
Growing privacy concerns and how to tackle this challenge
As more and more devices are connected to internet, privacy will be a major concern, more so in the coming 10 years than now. Our challenge is to build security systems on the existing applications and services, and to protect privacy without paralyzing performance. I would like to invest more time to develop research on privacy here at NEC Labs.
We have GDPR in Europe, and I'm sure there are similar legislations concerning privacy in other regions of the world. We have to be aware of these legislations regarding Internet security, and come up with the system that is in line with such regulations. Again because of the sheer number of devices that are connected to internet, this is a fun but difficult challenge from a security standpoint.
Our job as experts in the field to make sure that technology finds a proper path for our products. In other words, we need to direct technology to a path that's not based on hypes and false rumors, but a path paved by information from verified sources and ethical considerations, so we can benefit from the technology to its full potential.
In the future, data will be monetized and become a currency. For that to happen we need to be able to trust the source of the data. It is also our job as security experts at NEC to make sure that the devices are working properly and the sources of the data are verified.
Dr. Ghassan Karame
Dr. Ghassan Karame am the Manager and Chief Researcher of the Security Group of NEC Laboratories Europe in Germany. He joined NEC in April 2012. Before then, he was a postdoctoral researcher in the Institute of Information Security of ETH Zurich, Switzerland. He holds a Master of Science degree in Information Networking from Carnegie Mellon University (CMU), and a PhD degree in Computer Science from ETH Zurich. He is interested in all aspects of security and privacy with a focus on cloud security, IoT security, network security, and Blockchain security.