A picture of me.

Dan O'Keeffe

I'm currently a post-doctoral researcher in the Large-Scale Distributed Systems (LSDS) group of the Department of Computing, Imperial College London. Prior to joining Imperial I was a software engineer in the financial services industry building stream processing platforms for high-frequency trading. Before that I was a member of the OPERA group at the University of Cambridge Computer Laboratory, where I completed my PhD under Prof. Jean Bacon.

The best way to get in touch with me is via email at d.okeeffe at imperial dot ac dot uk.


My research interests lie broadly in the areas of distributed systems, security, databases, and networking, with a current focus on cloud computing security. In particular, as part of the SeReCa, SecureCloud and CloudSafetyNet projects I am investigating techniques for improving user control and visibility over sensitive data in cloud platforms.

In addition to cloud security, I have a strong interest in stream processing systems. My current research activities in this area are concentrated on the ITA-DSM project, which transplants popular "Big Data" stream processing platforms like Twitter Storm to wireless mobile and sensor network environments.

Current Projects


Exploits secure hardware extensions in modern commodity CPUs (e.g. Intel SGX) to protect cloud services and applications from malicious cloud providers.


Aims to remove technical impediments to dependable cloud computing for critical infrastructure applications such as smart grids and health care.


Investigates how to monitor information flow in cloud systems to reduce the likelihood of unwanted data disclosure.


Explores data stream processing in non-traditional environments like mesh and mobile ad-hoc networks.

Recent Publications

  • LibSEAL: Revealing Service Integrity Violations Using Trusted Execution, P-L. Aublin, F. Kelbert, D. O'Keeffe, D. Muthukumaran, C. Priebe, J. Lind, R. Krahn, C. Fetzer, D. Eyers and P. Pietzuch, EuroSys 2018.

  • Glamdring: Automatic Application Partitioning for Intel SGX, J.Lind, C. Priebe, D. Muthukumuran, D. O'Keeffe, P-L. Aublin, F. Kelbert, T. Reiher, D. Goltzche, D. Eyers, R. Kapitza, C. Fetzer and P. Pietzuch, USENIX ATC 2017.

  • SCONE: Secure Linux Containers with Intel SGX, S.Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J.Lind, D. Muthukumuran, D. O'Keeffe, M. Stillwell, D. Goltzche, D. Eyers, R. Kapitza, P. Pietzuch, and C. Fetzer, USENIX OSDI 2016.

  • FlowWatcher: Defending against Data Disclosure Vulnerabilities in Web Applications, D. Muthukumuran, D. O'Keeffe, C. Priebe, D. Eyers, B. Shand, and P. Pietzuch, ACM CCS 2015.

  • Network-Aware Stream Query Processing in Mobile Ad-Hoc Networks, D. O'Keeffe, T. Salonidis and P. Pietzuch, IEEE MILCOM 2015.

  • CloudSafetyNet: Detecting data leakage between Cloud tenants, C. Priebe, D. Muthukumuran, D. O'Keeffe, D. Eyers, B. Shand, R. Kapitza, and P. Pietzuch, ACM Cloud Computing Security Workshop (CCSW), 2014.

  • Adaptive Stream Query Planning for Hybrid Coalition Networks, D. O'Keeffe, T. Salonidis, and P. Pietzuch, 8th Annual Conference of the ITA (ACITA), 2014.

  • Adaptive Stream Processing for Hybrid Coalition Networks: Challenges and Initial Solutions, J. Kurose, D. O'Keeffe, P. Pietzuch, T. Salonidis, A. Seetharam, and D. Towsley, 7th Annual Conference of the ITA (ACITA), 2013.


Please see the CATE database for current undergraduate and MSc project proposals.