| Increasing the security of e-Business is best achieved by considering the environment in which e-Business applications need to be implemented and used; this implies that e-Business should be viewed as a complex socio-technical system with three interconnected and interacting elements: stakeholders, enabling technology, and business processes. This multiple perspective has rarely been captured by previous studies of e-Business security which perceive security from a narrow, single-sided technical view. This thesis argues that the predominant technical security approaches consider neither the multifaceted nature of e-Business security nor the requirements and influences of the various stakeholders involved in its context. In Jordan e-Business adoption is still in its early stages and is gaining the attention of several parties. Therefore, the primary approach in this research is an interpretive stakeholder analysis in which notions of a socio-technical perspective are employed as required in order to develop a conceptual framework for better understanding of e-Business security in the context of Jordan. In other words, an interpretive approach has been adopted as a mean of inquiry aiming at developing a holistic understanding of e-Business security in relation to its context as well as considering all the stakeholders in the problem area. This methodological choice was influenced by three factors: the nature of the research problem, the researcher's theoretical lens, and the degree of uncertainty in the study environment. Consequently, four major stakeholders were identified and their security implications were explored. The study's findings provide rich insights into the security of e-Business by identifying and interpreting the roles, the perceptions, and the interactions of several groups of security stakeholders. The theoretical contributions include: an explanatory framework of organisational, legal, human and technical factors affecting security in e-Business environments which was developed by employing an inductive stakeholder analysis as well as the identification of several organisational aspects, such as governance, communication, power conflict, awareness, and resistance to change, and their relationships to security as well as their practical implications at individual, organisational, and national levels. Additionally, the findings provide insights into the customers' side of the security problem and explain its relationships with other stakeholders, including government, business and technology providers. This is a sound practical contribution which can help these stakeholders to design better security approaches based on a deeper understanding of customers' security requirements. |
