Trusted Execution Environments –e.g. Intel SGX– provide a means to protect code and data from the system software. This allows performing private computations on untrusted third-party machines. This thesis explores the possibility of securing IoT stream processing using Intel SGX. The goal of the thesis is to develop a secure stream processing framework that seamlessly integrates Intel SGX and other privacy-preserving mechanisms to provide end-to-end data privacy in the presence of untrusted computing hosts.