The demand for multi-application smart card platform has been increasing in various business sectors recently. When it comes to the actual implementation of the platform, however, network-based dynamic downloading in a Card Issuer-Service Provider separated environment has not made much progress. This paper introduces the smart card information sharing platform that uses licensing/policy/profile management and PKI-based technologies to enable multiple CIs and multiple SPs to reflect their own business policy flexibly via network. It makes the paradigm shift from card-oriented scheme to service-oriented scheme. By through world's first implementation of the scheme and some experiments including deployment, we confirmed that this technology is well-accepted and applicable to various business sectors and it can be of practical use.

Object-oriented analysis methods can be grouped into data-driven and behavior-driven approaches. With data-driven approaches, object models are developed based on a list of objects and their inter-relationships, which describe a static view of the real world. With behavior-oriented approaches, a system usage scenario is analyzed before developing the object models. Although qualitative comparisons of these two types of methods have been made, there was no statistical study has evaluated them based on controlled experiments. This paper proposes the patterned object-oriented method, POOM, which is a behavior-oriented approach, and compares it to OMT, a data-driven approach, using small team experiments. The effectiveness of POOM is shown in terms of productivity and homogeneity.

We study the correspondence between problem descriptions and requirements specification documents derived from them. Based on the results of this investigation, a model that integrates the problem space and the requirements specification space is developed. This integration is based on a semantic network representation. We also propose a model of the requirements elicitation process that is consistent with our empirical studies of traceability in requirements documents. In this process, analysts derived requirements specifications from incomplete and ambiguous problem descriptions given by customers, identify missing information, completed it, and then decide the system boundaries that define which part of the problem descriptions to implement as the target system. The model can be used to complete problem descriptions given by customers and determine the system boundaries.

We describe an index for estimating the level of interest in Web pages. This "time-based interest" (TBI) index combinates an equation reflecting page accesses and an equation reflecting the decrease in interest over time. These equations work simultaneously by using a parameter that is based on the time since the last access. We experimentally estimated the decrease ratio of the TBI index and evaluated the characteristics of the TBI equation. We found that the index follows Zipf's distribution, indicating that reflects the change in popularity. We also introduce an access-log analysis system called CyberRanking that includes TBI analysis. CyberRanking analyzes the access logs of Web servers and presents the results in 2-D or 3-D graph on a Web browser.

The traceability of data flow diagrams against structure charts is very important for large software development. Specifying if there is a relationship between a data flow diagram and a structure chart is a time consuming task. Existing CASE tools provide a way to maintain traceability. If we can extract the input-output relationship of a system from a structure chart, the corresponding data flow diagram can be automatically generated from the relationship. For example, Benedusi et al. proposed a reverse engineering methodology to reconstruct a data flow diagram from existing code. The methodology develops a hierarchical data flow diagram from dependency relationships between the program variables. The methodology, however, transforms each module in structure charts into a process in data flow diagrams. The reconstructed diagrams may have different processes with the same name. This paper proposes a transformation algorithm that solves these problems. It analyzes the structure charts and extracts the input and ouput relationships, then determines how the set of outputs depends on the set of inputs for the data flow diagram process. After that, it produces a data flow diagram based on the include operation between the sets of output items. The major characteristics of the algorithm are that it is simple, because it only uses the basic operations of sets, it generates data flow diagrams with deterministic steps, and it can generate minimal data flow diagrams. This process will reduce the cost of traceability between data flow diagrams and structure charts.

There is increasing demand for corporate information systems that have a simple human interface and are easy to access via WWW browsers. This paper proposes WebBASE, which integrates the WWW and relational databases. Experimental evaluation shows that WebBASE offers superior performance compared to existing products. Field studies of actual WebBASE applications show that it can improve the productivity of software developers for intranet application development.

We propose requirement validation criteria and a method based on the interaction between actors in an information system. We focus on the cyclical transitions of one actor's situation against another and clarify observable stimuli and responses based on these transitions. Both actors' situations can be listed in a state transition table, which describes the observable stimuli or responses they send or receive. Examination of the interaction between both actors in the state transition tables enables us to detect missing or defective observable stimuli or responses. Typically, this method can be applied to the examination of the interaction between a resource managed by the information system and its user. As a case study, we analyzed 332 requirement defect reports of an actual system development project in Japan. We found that there were a certain amount of defects regarding missing or defective stimuli and responses, which can be detected using our proposed method if this method is used in the requirement definition phase. This means that we can reach a more complete requirement definition with our proposed method.

Research has been actively proposed into how to specify requirements in the upper stream of software development. For example, the main research issues regarding Structured Analysis and Object Oriented Analysis methodologies include requirements elicitation, modeling, and validation of specifications to give a starting point for software development. At the same time, another area of research has emerged that recognizes the importance of guaranteeing requirements quality by goals. As the impact of IT penetrates to mobile devices, information appliances and automobiles, goal oriented requirements engineering (GORE) approaches for performance and safety in embedded systems have been proposed. Non-Functional Requirements (NFRs) such as business strategy, security and privacy, are now being formalized by Requirements Engineering (RE) technologies, because enterprise business is now heavily influenced by IT, for example in e-Business. As IT is fast becoming ubiquitous in society, the importance of Goal Orientation will increase as socio-technology enables visualization of the role of software in social systems. In this paper, we discuss the current states and trends of GORE from the viewpoints of both academia and industry.

Assurance cases are documents for arguing that systems satisfy required properties such as safety and security in the given environment based on sufficient evidence. As systems become complex and networked, the importance of assurance cases has become significant. However, we observe that creating assurance cases has some essential difficulties, and unfortunately it seems that assurance cases have not been widely used in industries. For this problem, we have been developing assurance cases creation methods and opening workshops based on the creation methods. This paper presents an assurance cases creation method called “D-Case Steps” which is based on d* framework[1], an agent-based assurance case method, and reports the results of workshops. The results indicate that our workshops have been improved and our activities on assurance cases facilitates use of them in Japan. This paper is an extended version of [2]. We add detailed background and related works, workshops results and evaluation, and lessons learned from our a decade experiences.