The Internet of Things entails embedding data in increasingly lightweight and specialized smart objects (e.g., sensors, quantified-self devices, smart meters, smart badges). These smart objects have severe hardware constraints, yet at the same time they require sophisticated embedded data management functionality to store, analyze, query and protect the data they hold. This raises a first question: “How can powerful data management techniques be made compatible with highly constrained hardware platforms?” To tackle this question, SMIS contributes to the design of new storage and indexing models, query execution and optimization techniques, and transaction protocols adapted to low-end hardware.
By making information more accessible and by multiplying, sometimes unintentionally, the means of acquiring it, the Internet of Things unfortunately introduces new threats to data privacy. This mass of personal information usually ends up on servers, where it can be carefully scrutinized by governmental agencies and by the companies in charge of processing it. The second question addressed by SMIS is therefore: “How can smart objects be made less intrusive?” New access and usage control models have to be devised, enforced and made accountable, so that individuals keep better control over the conditions under which their data is acquired and shared. However, privacy preservation must not hinder global computations of great value to the community (e.g., epidemiological studies). This calls for the definition of new secure distributed protocols that combine data from multiple individuals without leaking it.
Assuming that the first two questions can be answered positively, new ways of managing personal and sensitive data can be devised. The third question driving our research is therefore: “How can privacy-by-design architectures be built on trusted smart objects?” We believe that architectural choices have a strong impact on the capacity to build privacy-by-design information systems. Our aim is to show that credible alternatives to the systematic centralization of sensitive and personal data on servers can be devised, and to validate the approach through experiments on real cases.