International Conference on Commerce and Enterprise Computing (CEC 2007), Tokyo, Japan

Keynote I: Standardization of Technology for IC Card Ticket System by Yoshio Ishida
Keynote II: Enforceable Privacy Promises by Guenter Mueller
Keynote III: A Calculus for Service Innovation by James M. Tien

Keynote I: Standardization of Technology for IC Card Ticket System
Yoshio Ishida

"Suica," an IC Card Ticket System in East Japan Railway Company (JR East), has grown to over 20 million issues in five and a half years since its debut in November 18, 2001. Numerous tickets must be processed at the gates immediately to secure the smooth flow of passengers in Tokyo metropolitan area, where high frequent and mass transport is provided. The passengers, on the other hand, find importance of being free from the stresses buying tickets and adjusting fares. Suica was just an alternative ticket on JR East lines in Tokyo metropolitan area when it started. Supported by the passengers, Suica has expanded its available area in Tokyo metropolitan area and added new areas of Sendai and Niigata. Now IC Card Ticket Systems have been introduced in other railway companies. Those companies and JR East accept IC card tickets each other. That is, Suica can be used in much wider areas. As the volume reaches a certain amount of transport cards, Suica is used in other functions. In particular e-money function shows remarkable growth to over 520 thousand a day (April 13, 2007). The development of Suica has focused on high performance and high reliability. The smartcards under standardization in ISO, however, could not satisfy the requirements, especially high performance. The gap between the requirements and the standard made it extremely difficult to procure the exact smartcards needed. Upon the recent procedure for international standardization of "Interoperable Fare Management System," the past experiences encourage us to advocate implementing the users' needs into the standard. Finally we can contribute to the standardization incorporating the users' needs. This keynote introduces these cases and emphasizes the importance of standardization of technology according to users' needs.

Mr. Yoshio Ishida is Vice-Chairman of East Japan Railway Company (JR-EAST). In 1967, he joined Japanese National Railways (JNR). In 1987, he became General Manager of Train Operating Division, Tokyo Railway Operation Department, JR-EAST. Since 1989, he served as General Manager of Transport Safety Department until 1991, and subsequently he became General Manager of Transport & Rolling Stock Department. He served as Director of Takasaki Branch Office in 1992 and became Director of Transport & Rolling Stock Department in 1994. He served as Executive Director of Tokyo Branch Office in 1997, Executive Vice-President in 2000 and he is Vice-Chairman since 2004.

Keynote II: Enforceable Privacy Promises
Guenter Mueller

An increasing number of enterprises need access to private data of their customers. To gain these data they usually make privacy promises to customers in many different ways. The point card is one of the most well-known examples of such a privacy promise. Even if customers agree to the collection they do know if the collected data are misused. Only a few of these privacy promises can be automatically enforced. This limits the application of privacy technology, and may prevent the full exploitation of e-Commerce. This talk argues that most existing privacy enhancing technology (PET) will fail, since the real threat is not the control of access but the control of the usage of collected data. While "access control" section of security and privacy is well understood, it is unclear of how to do "usage control". A solution for usage control will be explained by elaborating on the data collected with a point card. role. Point cards encompass a "black and while" and one-sided privacy policy which the issuer has decided to comply with. Some policies are subject to slightly different privacy regulations in Europe, as well as in Japan and the US. In its technical challenges these regulations resemble the efforts for compliance, where promises to shareholders, employees and customers regarding transparency of financial behaviour have to be made transparent for later audit. While all efforts of access control technology are directed to the past, the technologies to enforce the provisions now and in the future are called obligations. Present day privacy technologies ensure provisions to a very good extend, they fail however as far as obligations are concerned. Concepts for a life cycle management system for collecting and handling private data are shown as well as the at present algebraically complete privacy tool, called ExPDT (Extended Privacy Definition Tool) which forms the guidelines for the enforcement of privacy promises in the "Future Store" of a large retailer. Comparison of policies, for example, allows the customer to move from one store to another. Conjunction, composition and reasoning based upon policy provisions and obligations allows the observation of sophisticated privacy policies.

Dr. Guenter Mueller is professor at Freiburg University in Germany and is director of an institute focusing on security and privacy. He received a Ph.D in computer science in Duisburg, Germany. He has held leadership positions at IBM Germany and Europe and was responsible for the network architectures of IBM before the time of internet. Here he was the leader of the first worldwide demonstration of heterogeneous networking with more those 28 companies around the world in Geneva at the World telecom. His contributions to E-mail for both OSI and Internet as well as his contributions to the design and use of predicate calculus based languages earned him several prestigious awards. In 1990 he founded the Institute of computer Science and Social studies at the University of Freiburg and concentrated on security and privacy research. Criteria to define security protection found their way into ISO standards and influenced the common criteria (CC). His work in multilateral security influenced both the German and the European legislature in E-Commerce and digital signatures. He was since 1992 continuously invited to Hitachi, NTT in Japan as well as to Harvard and Berkeley Universities in the US as a guest scientist. He consults several companies in risk management and the German Government in security, e.g. personal ID card and the heavily disputed health card. He is a guest editor of CACM.

Keynote III: A Calculus for Service Innovation
James M. Tien

Innovation in the services area - especially in the electronic services (e-services) domain - can be characterized by six decision-oriented attributes: decision-driven, information-based, real-time, continuously-adaptive, customer-centric and computationally-intensive. These attributes constitute the decision informatics paradigm. In turn, decision informatics is supported by information and decision technologies and based on the disciplines of data fusion/analysis, decision modeling and systems engineering. Out of the nine major innovation enablers in the services area (i.e., decision informatics, software algorithms, automation, telecommunication, collaboration, standardization, customization, organization, and globalization), decision informatics is shown to be a necessary enabler. Furthermore, four innovation drivers (i.e., collaboration, customization, integration and adaptation) are identified; all four are directed at empowering the individual - that is, at recognizing that the individual can, respectively, contribute in a collaborative situation, receive customized or personalized attention, access an integrated system or process, and obtain adaptive real-time or just-in-time input. By employing this services innovation calculus, white spaces are identified for possible future innovations; they include those that can mitigate the unforeseen consequences or abuses of earlier innovations, safeguard our rights to privacy, protect us from the always-on, interconnected world, provide us with an authoritative search engine, and generate a GDP metric that can adequately measure the growing knowledge economy, one driven by intangible ideas and services innovation.

Dr. James M. Tien received the BEE from Rensselaer Polytechnic Institute and the SM, EE and PhD from the Massachusetts Institute of Technology. He has held leadership positions at Bell Telephone Laboratories, at the Rand Corporation, and at Structured Decisions Corporation (which he co-founded in 1974). He joined the Department of Electrical, Computer and Systems Engineering at Rensselaer in 1977, became Acting Chair of the department, joined a unique interdisciplinary Department of Decision Sciences and Engineering Systems as its founding Chair, and twice served as the Acting Dean of Engineering. Dr. Tien's areas of research interest include the development and application of computer and systems analysis techniques to information and decision systems. He has published extensively, been invited to present many plenary lectures, and been honored with both teaching and research awards, including being elected a Fellow in IEEE, INFORMS and AAAS and being a recipient of the IEEE Joseph G. Wohl Outstanding Career Award, the IEEE Major Educational Innovation Award, the IEEE Norbert Wiener Award, and the IBM Faculty Award. Dr. Tien is also an elected member of the U. S. National Academy of Engineering., tienj(at)