Overall goal of the team
Ubiquitous computing and ambient
intelligence entail embedding data in increasingly light and
specialized devices (chips, sensors and electronic appliances for smart
buildings, telephony, transportation, health, etc.). These devices
exhibit severe hardware constraints to meet size, security, power
consumption and production cost requirements. At the same time,
they can highly benefit from embedded database functionalities to store
the data, analyze it, query it and protect it. This raises a first
question 'Q1: How to make powerful data management techniques compatible with highly constrained hardware platforms?'.
SMIS tackles this question by designing and validating new storage and
indexing models, query execution and optimization techniques, and
transaction protocols. This research goes beyond embedded databases and
may have potential applications for database servers running on
advanced hardware.
By making information more
accessible and by multiplying - often transparently - the means of
acquiring it, ubiquitous computing and ambient intelligence involve new
threats for data privacy. The second question addressed by the
project-team is then 'Q2: How to make smart objects less intrusive?'.
New access and usage control models have to be devised to help
individuals keep better control over the acquisition and sharing
conditions of their data. Appropriate mechanisms to enforce this control
and make it accountable with strong security guarantees are also
required.
In parallel, thanks to a high
degree of decentralization and to the emergence of low cost
tamper-resistant hardware, ubiquitous computing contains the seeds for
new ways of managing personal/sensitive data. The third question
driving the research of the project-team is therefore 'Q3: How to build privacy-by-design architectures based on trusted smart objects?'.
The objective is to capitalize on embedded data management techniques,
privacy-preserving mechanisms, trusted devices and cryptographic
protocols to define an integrated framework dedicated to the secure
management of sensitive/personal data. The expectation is to show that
credible alternatives to a systematic centralization of
sensitive/personal data on servers can be devised, and to validate the
approach through real case experiments.
Keywords: Database management systems, data confidentiality and
privacy, embedded data management, trusted storage and computing
architectures.
SMIS presentation on INRIA's site: English, French (includes annual activity reports)