International Journal of Interactive Mobile Technologies (iJIM) - Volume 4, Issue 4, October 2010 BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS Building an e-Commerce Infrastructure in Jordan: Challenges and Requirements doi:10.3991/ijim.v4i4.1425 Dr. Muhannad Al-Shboul1, Dr. Izzat Alsmadi2 1The University of Jordan, Amman, Jordan 2Yarmouk University, Irbid, Jordan Abstract—Many countries around the world are trying to build and enhance their internet infrastructure and utilize services related to the Internet such as e-Commerce, infor- mation connectivity, accessibility, etc. However, studies in- dicated that network and hardware requirements are not always the major barrier for progressing in these goals. In some cases, cultural, legal or environmental factor may dominate the type of barriers for the expansion of internet related service in many countries around the world. This paper presents challenges and requirements for the en- hancement of e-Commerce services in particular for Jordan. Index Terms—e-Commerce, Network Security, Digital Cer- tificates, Certification Authority, e-Business, PKI, and Digi- tal Signature. I. INTRODUCTION The revolution of the Internet has played significant role in commerce and business in the whole world, which connects millions of people as well as millions of com- puters. Nevertheless, these types of communication are increasing day after day, and it is used in many sectors, especially in conducting business on the Internet, because internet reduces cost of process, accomplishes and achieves more work without any increasing of costs, and it improves the quality of services, but this does not mean every online business can be success, because on the other hand Internet and the new technology encourage and help hackers and online criminals to attack any kind of busi- ness and disrupt it, so this leads to emerge security issue, also hackers might access and steal customer personal and financial information, as a result this will lead to emerge privacy issue. In addition because the Internet gives peo- ple the ability to access any Website in everywhere, peo- ple can search for better products or services, accordingly this increases the competition among companies. e-Commerce websites allow financial transactions to be executed over the internet. This completes the full cycle of buying or selling an item (i.e. shopping, selecting, paying, shipping, and receiving). e-Commerce websites can work as virtual stores only or can augment physical retail op- erations. e-Commerce websites can also be built to sell services or items that does not required shipping such as tickets, calling cards, stock trading, subscriptions, and memberships. The ability for e-Commerce websites to complete the transaction online is very important. The ability to com- plete this transaction in a secured manner is more impor- tant to raise the customers’ level of confidence on online shopping as a competing alternative for regular ones. A secure e-Commerce website can provide businesses with powerful user's motivated advantages, including increased online retail sales, as well as streamlined application proc- esses for products such as insurance or credit cards. Digital identification is increasingly evolving in use and importance as a method to safely identify humans or enti- ties especially through online business transactions. Through history, several techniques are used to uniquely identify individuals. Up to date, writing signatures are significant and required to verify that the person filling an application for example, is the same person he or she claims to be. Biometric signatures such as finger prints, iris patterns of the eyes, retina scans, DNA, voice prints, facial features, etc. are important and are able to uniquely identify an individual. However, none of those signatures can be conveniently implementing online to complete a transaction in a short time with a reasonable cost. Public Key Infrastructure (PKI) is a set of technologies and security policies used to issue, revoke, and manage digital certificates and key pairs [1]. In digital certificates, users are identified by the infor- mation embedded on their machines, and verified by mu- tually trusted third party entities called Certification Au- thorities (CA) (such as Thawte or Verisign), that guaran- tees that the website operating is who it claims to be [2]. CA issues and manages digital certificates. They are third party trusted entities to authenticate sellers to buyers, banks to customers, email servers to email users, etc. In general, users are not supposed to expose any personal or financial information in any website that does not have a valid certification. There are some requirements for any company or entity that wish to become a certificate authority who issues cer- tificates to clients. As a hardware requirement, digital cer- tificates are usually created by certificate servers such as Cisco IOS, Microsoft certificate server, EverLink, etc. CA’s should make sure that their certificate database is secured from being accessed or hacked by invaders. There are several forms of digital certificates. In this first type of certificates, software companies send their keys (public keys) to their customers. Customers will re- turn back a certificate that combines the software com- pany’s public key with their private key (which includes specific information taken from their computers to include unique identifiers that distinguish a computer from all other computers). This information may include MAC addresses, IP address, CPU and hard drive unique identifi- ers, etc. The digital certificate will be encrypted so that its information will not be readable if retrieved by unauthen- ticated users. It can be understood only by those who is- 18 http://www.i-jim.org http://net.educause.edu/ir/library/powerpoint/NCP0311.pps� http://dx.doi.org/10.3991/ijim.v4i4.1425� BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS sued it. Figure 1 shows a sample of a digital certificate retrieved from a computer. In a second type, users can also gain self or individual certificates if they wish to uniquely identify themselves through online transactions. There are some companies who can provide such individual certificates for free. The third type of digital certificates, which is our focus here, is those digital certificates that are gained by web- sites who wants to allow users to enter personal or finan- cial information online. They want their users to trust them and feel secure entering their personal or financial information. Examples of such websites include: banks, hotels, e-businesses (such as Amazon, ebay, etc.), and email servers (such as Yahoo and Gmail). There are different models for CA’s. In the traditional model or infrastructure for the Public Key Infrastructure (PKI), a company or entity will submit their information and request to a certificate authority. The CA will review the submitted information and decided whether to issue a certificate or not. The certificate will be issued for a spe- cific limited time. The same process is repeated whenever the certificate is renewed. This type of certification is not dynamic or real time. This means that the CA does not check the validity of the CA upon requests. The entity will possess the certification for the specified amount. In another model, the certificate are requested and au- thorized, or declined upon request. This process is ex- pected to be more secure, but more complex than the ear- lier one. In different flavors of the models, the transaction content will, or will not be sent with the authorization request. As such, some entities will be authenticated in general, while others will be authenticated to do specific transactions. Digital certificates are trusted identifications in elec- tronic formats that bind a public encryption key to an identity to achieve public trust in that identity. They are a major factor in giving users confidence in websites and their legitimacy. Some digital certificates can be transferred from one machine to another. Others generate the individual private key using some of the machine information such as the MAC address, computer name, etc. This means that those certificates can not be used on other machines – without being reinitialized by the CA or the company who issued it. Typically, two things distinguish a certified website: the letter “s” after http, and the certificate header in the right side of the address bar (Figure 2 and 3). The “s” in “https” means that you are logging onto a Secure Socket Layer (SSL) site. If you view the certificate from the web browser, it will display three main information: issued to, issued by, and the validity period. II. CERTIFICATE AUTHORITIES IN MIDDLE EAST Some companies such as Comtrust [3] offer digital cer- tificates in United Arab Emirates (UAE). They provide PKI technologies and authorize digital certificates for servers, companies, and individuals. Nevertheless, they still require individuals to come in person to verify their identity. In Egypt, digital certificates are issues through some companies such as: ITIDA (Root-CA, Trento Egypt and Gateway, LINKdotNET, etc... Egypt experienced research and proposals e-Government services to allow citizens to process some papers online. In Saudi Arabia, the Government is in the progress of authorizing certifi- cates, secure emails and several other e-Government and e-Business solutions. Some companies or agencies who are working toward this goal are: SAMA and Entrust partnership. Israel has several CA companies that issue certificates such as: ComSign, IUCC, StarCom, etc. Jordan started early in studying the possibilities of im- plementing online security. In 2002, a joint effort by Mid- dle East Communications Corporation (MEC) and WISe- key Switzerland is initiated to allow MEC issuing digital certificates in Jordan [4]. It was expected to be in use by the year 2004. Figure 1. A digital certificate example. Figure 2. A typical certified website user interface. Figure 3. A URL address of a certified website. iJIM – Volume 4, Issue 4, October 2010 19 BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS In 2003, Jordanian ESKADENIA Software Solutions worked in a project to be a local dealer for UAE Comtrust to market e-business services in Jordan [5]. However, neither one of those projects aparently reached a deliver- able goal. In an article published in June 14th 2006 by the Minis- try of Information and Communications Technology (MoICT) [5], the document envisions a plan for an e- Government through a plan over the period of 2006-2009. Several laws and regulations were issued to regulate online services. The article concluded by the assessment for critical success factors and risks. Table1 shows the critical success factors and Table2 shows the risk ele- ments. Tables1 and 2 summarize some of the obstacles and barriers for implementing e-Government including offer- ing online identities, digital certificates, and several other online related services. Ahmed and Hussein Al-Omari (2006) [7] similarly listed some of obstacles and challenges such as organiza- tions, government, and customers’ readiness. TABLE I. CRITICAL SUCCESS FACTORS. Critical Success Factor Requirement Availability of resources (HR) Commitment by Gov of Jordan Availability of local skills to implement and` use e- Government Develop courses locally School/College/ University to re- skill people Availability of local skills to implement and` use e- Government Incentives to e-Government stake- holders to strengthen e-Gov related skills Availability of Laws and regula- tions that support the implemen- tation of e-Government Active coordination among con- cerned agencies to develop and enforce coherent and effective legal framework Cooperation and harmony among Government entities in decision making for e- Government initiatives Appoint and activate the National e- Government Steering Committee (eGSC) Ability and willingness of Gov- ernment entities to document and share their business require- ments, processes, services, data and strategies Active coordination among Govern- ment entities to document and share information necessary for e- Government initiatives Political commitment to ensure “buy in” by Government entities across government Appoint and activate the National e- Government Steering Committee (eGSC) Internet channel penetration Telecom sector development, regula- tory framework to promote competi- tion Private sector capacity to par- ticipate in/support e-Government ICT sector development Appoint and activate the National e- Government Steering Committee (eGSC) Passage of e-Gov regulations and other actions to secure endorsement at top levels of Government Development of “champions” at key ministries / entities; development of administrative will for e-Government initiatives Sustainability of e-Government implementation despite political changes and reshuffle of Gov- ernment officials Recognition of e-Government as a priority in National Agenda However, it is fair to say that some of those obstacles are not exclusively related to Jordan or any third world country. This field is quickly evolving in a way that pre- sents a difficulty for public or government entities to keep up with. Governments are not expected to take the major role in such field. The Governments will be responsible in making sure that there is an infrastructure for handling all related activities. Laws and regulations should be established to control online business and activities. The government should promote using digital certificates and online business through cooperation and acceptance. Internal or external investors should be invited and helped in building an in- frastructure for establishing such environment. There is no much difference between this field and the wireless and cell phones communications fields. They both require large investment to build a reliable infrastructure. As a result, investments need to see a commitment from the Government for cooperation. Using digital certificates can be a one important step to facilitate e-Business. Jordan does not lack technical problems in the telecommunica- tion and industry fields. On contrary, Jordan is a pioneer country in the Middle East in those fields. It also provides several other countries in the region with the personnel support and experience. TABLE II. E-GOVERNMENT RISKS. Risk Mitigation/Contingency Realistic, well-sequenced phases for e- Government rollout Develop pilot projects that can be scaled later based on demand and biz CA’s Encourage use of innovative commercial arrangements (PPPs) attractive to private sector for investment in e-Government Cost of e-Government is too high for the GOJ Encourage strategic partnerships with specialized international vendors to invest in e-Government Conflicting decisions among government depart- ments Use of inter-agency working groups with clear authority to supervise and enforce e- Government policies and standards Resources within GOJ do not have the skills to im- plement e-Gov Strategy 1. Support to government entities for IT training and other necessary Skills 2. Recruit staff with relevant skills 3. Incentives for Government entities to invest in developing ICT exper- tise internally 4. Outsourcing certain functions when business CA’s supports it 5. Create links with local universities to give on-the-job-training to stu- dents 6. Promote retention of skilled profes- sionals in cooperation with other programs (e.g., Reach) Resistance to change Increase awareness among stakeholders, raise accountability, and enhance change management Speed of change does not satisfy political agenda Re-align e-Government Strategy with political priorities and changes Expectations are overly high Increase awareness of e-Government Strategy among stakeholders and manage expectations 20 http://www.i-jim.org BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS III. JORDAN E-GOVERNMENT: CHALLENGES AND PROGRESSES. Currently, Jordan offers several e-services to its citi- zens. They can inquire about several related information such as [8]: Greater Amman Municipality (vehicles ticket- ing and complaints), driver and vehicle licenses depart- ment (vehicle license expiration date), Jordan custom (In- quiry about vehicle custom, guarantee orders, etc), Am- man (Water Bills), Income and sales tax department (in- come balance for individuals), and housing and urban development corporation. However, user can inquire – and not have to pay for ex- ample – for those services. There is not any usage of digi- tal certificates (not even the e-Government websites them- selves). According to the income and sales tax depart- ment’s website (http://www.incometax.gov.jo/IncomeTax/ Home/Login.aspx), users can inquire and pay their taxes on line. The website states that it is certified, however, it does not seem to be using digital certificates. The website does not allow users to create their user name and pass- word which indicate that they may need to register in per- son first. Doing a survey for Jordanian banks, very few banks, such as the Arab bank, Arab Jordan investment bank, the housing bank, etc. are using digital certificates and secur- ing online transactions – verified by VeriSign CA, a widely known international certificate authority-, others do not have on line access at all, and the third category offers online services without secure transactions which may cause customers’ information to be compromised. As an online user, before entering personal or financial in- formation online, the user should check the certificate, to verify the identity of the website he or she is entering his or her information into. Without such information, user could be giving his or her information to unknown indi- viduals that may reuse it without prior knowledge. How- ever, similar to e-Businesses, banks are the second major category that will benefit from digital certificates. Figure 4 shows the certificate market share for CA’s in Jordan [9]. The international certificate authority, VeriSign, is taking the majority of the market share in Jordan. Table 3 shows the number of certified websites in selected countries as of 2006 [9]. Jordan has only 26 web- sites (mainly banks), which is relatively a very small number of websites if it will be compared to the readiness of Jordan (in resources and infrastructure). In most studies to evaluate e-Government worldwide [10, 11, 12, 13, 14, 15], Jordan scores relatively low in terms of citizens’ par- ticipation. Jordanian citizens will be encouraged to visit e- Government websites if they can provide them with alter- native services to check their taxes and pay them, check their electric, water, and phone bills and pay them, or check the status of any info or service they are requesting from a governmental entity. All those services may not be possible without digital certificates. As described earlier, there have been several unsuccess- ful trials by local companies to establish certificate au- thorities in Jordan. They maybe have problems getting the right authentication and trust from Government and pri- vate sectors. As an alternative, Jordanian Government, represented by any entity or ministry such as Ministry of Information and Communications Technology (MOICT) can be a certificate authority that will authenticate certifi- cates for all those who are requesting to have them. Figure 4. Certificate market share for CA’s in Jordan [9]. TABLE III. NUMBER OF CERTIFIED WEBSITES IN JORDAN AND SOME SELECTED COUNTRIES [9]. Country No. of servers certified Country No. of servers certified USA 250558 Lebanon 38 UK 31870 Iran 26 Turkey 1528 Jordan 26 Israel 1221 Morocco 24 UAE 222 KSA 90 Qatar 17 Kuwait 83 Tunisia 16 Egypt 46 Oman 8 Bahrain 44 Algeria 4 IV. GOALS AND APPROACHES A successful e-Commerce or e-Business infrastructure in Jordan will help several public and private sectors bene- fit from it. For example, electric power, water and tele- phone companies may utilize the e-Commerce infrastruc- ture to allow their customers check their accounts online for their current amount of usage and will also allow them to pay online. This may help both service providers and customers. Providers will have less effort and their em- ployees can perform accounts checking and billing and will reduce the overhead of customer services tasks. For customers, it will be more convenient as they can track their account status and pay on their convenient time without the need to go to local, usually busy, agencies. Banks and hotels have also large piece of the steak of in- terest of having a successful e-Commerce infrastructure. For hotels, customers can shop their websites and book online without the need for mediators or agencies who usually charge for being the middle man. e-Banking is convenient to both banks customers and employees. It will reduce the amount of customer service calls from custom- ers who usually enquire about their account details or transactions that they can check online. Requirements for a successful e-Commerce infrastruc- ture in Jordan are divided into three categories: legal, software and hardware perspectives. The followings are the typical requirements for each category, along with what is missing and needed. A. Legal perspectives: e-Commerce laws and regulations In European Union countries, e-Commerce refers to the carrying out of business using electronic means. This gen- erally means over the internet. However, from a legal per- iJIM – Volume 4, Issue 4, October 2010 21 http://www.incometax.gov.jo/IncomeTax/�Home/Login.aspx� http://www.incometax.gov.jo/IncomeTax/�Home/Login.aspx� BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS spective, the term is often used to include remote selling by telephone and email, as well as online. It is also fre- quently used to refer to legal issues generally relating to the Internet and online trading. There are several types of contracts which are required to exist when a business becomes involved in e- Commerce transactions. As a result, laws should regulate each section of those contracts to ensure that online cus- tomers transactions will go smoothly and that a judge can have clear regulations to rule with once an online dispute occurs. These include: Website development: content and hosting agree- ments. When a business wishes to set up a website, it needs to ensure that the design and content of the website do not infringe or violate any third party rights. For example, laws should regulate who is in charge of website content, the owner or the design company. Other related issues may arise from sites performance and secu- rity specially once a website start having heavy online transactions. Internet service provider agreements: Companies who are responsible for developing the e-Commerce web- site can be the same companies who provide the hosting service or they can be separate. Similar to the web design companies, web hosting companies should have clear re- sponsibilities regarding their duties and responsibilities. This may include laws about privacy, copyrights, etc. It also needs to be sure that their websites are properly hosted and will not suffer from excessive down time. These issues can be dealt with by website development, content, and hosting agreements. Disputes may occur be- tween companies who provide the e-services and the company who support them or provide the hosting or the related tasks. Laws should regulate when a support com- pany is liable for performance, reliability, or security problems. In general, supporting companies should pro- vide explicit agreements of things they are liable to pro- vide or control and will be compared to their rivals once their clients claim that they did not perform their expected duties. Website usage and privacy policies: This may include the privacy of both owners and customers. Web site de- sign and hosting companies are not supposed to expose their clients’ information to their rivals. They should have implicit or explicit agreements with their clients of who is in charge of contents protection. In some cases, hackers may access an e-Commerce website to vandalize it. Clear boundaries should be drawn of what is considered as “rea- sonable” protection from the web design or hosting com- panies for their clients’ information. This is usually com- pared to the security and protection that competitor com- panies provide. Website and telephone sales terms and conditions: In some countries, online or telephone sales are governed by the Consumer Protection (Distance Selling) Regula- tions 2000 and the Electronic Commerce Regulations 2002. Such sales are generally conducted in a manner where there will be no scope for negotiating terms. Ac- cordingly, any business hoping to trade in this way will require standard terms and conditions of sale. There are special rules which cover most sales to customers (subject to some exceptions), and give them more rights than they would have in a face-to-face purchase. These include: A: A right to receive certain information as to the prod- ucts and the identity of the seller. This will ensure protec- tion from scammers or fake e-Commerce companies. B: A right to cancel goods without any penalty or fees. This can be for up to certain amount of days after delivery if the necessary information has been provided to the cus- tomers and the right for customers to return their products without any charge, if sold products were not as pre- scribed. Return policies can be cumbersome for both cli- ents and sellers in initial stages. On the one hand, sellers need to respect their buyers’ right to undo a sale that they are not happy with, within certain amount of time. On the other hand, buyers need to learn that despite the fact that they have the right to return a product within certain time, and they should not do this without a logical convincing reason. As mentioned earlier, this can be initially complex and require time and cultural change. C: A duty imposed on the seller to deliver goods within 30 days of the order (subject to an ability to extend or cancel) Because the relevant regulations are laid down by European law, these rights apply to all customers located in any European Union country. B. Software perspective: How to build an infrastructure for a trusted e-Commerce websites This section will focus on the software and websites re- quirements to implement e-services or business. In most e-Commerce infrastructures, to secure access to e-Commerce websites, it should be including two basic components in order to allow users to securely perform online transactions: A: Digital certificates for web servers, providing guar- antees of authentication, privacy and data integrity through encryption. Digital certificates can be issued by mediators called Certificate Authorities (CAs) to authenti- cate the seller to the buyer and vice versa. They can be generated through special programs or tools. They contain unique information about the user identity or machine to uniquely identify them from others. Digital certificates are also used to protect software products from piracy. Two users of particular software will have problem using it once they both go online as the owner of the software will discover that the key that was given for a particular client is used by more than one user. Encryption is used to secure the information embedded in digital certificates. Encryption is the process of trans- forming information before communicating it to make it unintelligible to all but the intended recipient. Encryption uses mathematical formulas called cryptographic algo- rithms, or ciphers, and numbers called keys, to encrypt or decrypt information. B: Secure e-payment system and management, to allow e-commerce sites to secure and automatically accept, manage and process online payments. This can be usually organized with owners’ banks. Websites will be securely connected to the buyers’ bank accounts. Once an online transaction is secured executed, the money should be di- rectly transferred from the seller to the buyer account. This process should be performed in a fast, reliable, and secure way. Those three elements (i.e. reliability, per- formance, and security) are vital to the success of any e- Commerce website. 22 http://www.i-jim.org BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS Laws should regulate any dispute on online transac- tions. Users may deny that they actually perform such transaction. They may claim that their cards were stolen. They may also claim that they have been double charged, or charged extra amounts. In some cases, insurance com- panies may provide services to cover such expenses. C. Network and hardware perspective: Internet readiness A closely related requirement to the software and web- sites’ requirements is the existence of a network or hard- ware infrastructure. This may include the routers, fiber optics, or wireless communication channels, firewalls, etc. Since both (software and hardware perspectives) may include hardware and software elements, they will be dis- tinguished through the location. This perspective repre- sents any requirements outside the user machine. Generally speaking, Jordan has a relatively good net- work and internet infrastructure relative to most Middle East countries. Internet services exist in different forms in Jordan. They are also accessible to most citizens with a reasonable cost. Internet service is currently provided by several companies. It is also provided in different speeds such as dial-up, ADSL, and wireless. Users can access the internet from their desktops, laptops, and PDAs. D. Extra requirements for a successful e-Commerce business Another major player in the e-Commerce world is the sipping companies. In order to compete with normal shops and businesses, shipping should be also quick, reliable, and secure. Laws should regulate the terms for shipping, such as costs, types, and who is in charge in case of prod- ucts defects. Products defects may due to buyers or ship- ping issues. Despite the fact that an e-Business culture should exist in any country to allow such business to exist, however, laws and regulations should always assume the worst and be able to handle dispute cases. V. CONCLUSION AND FUTURE WORK In order to build an e-Commerce infrastructure in any company, the technical, network, and hardware require- ments are not always the only barriers. The readiness for such technologies or services may require also improving or enhancing society, cultural, or legal regulations and perspectives to the new technologies. Customers need to learn how to communicate online. They need to learn how to shop, sincerely post items online, committed to pay and ship on time. Businesses also need to be opened toward some necessary ethical e- Business manners such as giving their buyers certain pe- riod of time for returning the items or changing them. Jordan Internet infrastructure is strong and capable of handling the construction of a trusted network. The private sector should take the lead in PKI and digital identity in- frastructure. Once such infrastructure is established, many of those related and dependent industries can exist and provide an important economical input to the national revenue. In future, the researchers will follow up with two re- search projects. They will create surveys to evaluate strengths and weaknesses in e-Government implementa- tion in Jordan. Then they will try to distribute the survey among those who can provide the right useful information for the purpose of the study. The second track will use web metrics to evaluate the traffic and usage of e-Government websites in Jordan. This stage is expected to give the researchers a better im- age about the actual usage of those websites. It may indi- cate weaknesses or strengths in particular websites. In order to do that, the researchers may need the assistant and the cooperation of e-Government websites administrators to get websites log or to add scripts to monitor those web- sites. REFERENCES [1] Secure computing corporation. Digital certificates. http://www.securecomputing.com/gateway/digital_certificates.cfm . 2008. [2] Conjecture corporation. What are digital certificates. http://www.wisegeek.com/what-are-digital-certificates.htm. 2008. [3] Comtrust. http://www.comtrust.co.ae-/docs/contactus.htm. 2008. [4] WISekey. http://www.wisekey.com/press/-jordan32002.htm. 2002. 2008. [5] Jordan e-government program, e-Government strategy. http://www.moict.gov.jo/moict/e_gov_strategy/e-Government%20 Strategy.pdf. 2006. 2008. [6] Comtrust ties up Jordanian company ESKADENIA. AME Info. . 2003. 2008. [7] Ahmed Al-Omari and Hussein Al-Omari. E-Government Readi- ness Assessment Model. J. Computer Sci., 2 (11): Pages: 841- 845, 2006. . [8] Zain - Jordan Mobile Telephone Services. . 2008. [9] Netcraft, Certificate services. . 2006. 2008. [10] Holzer, Mark, and Seang-Tae Kim. DIGITAL GOVERNANCE IN MUNICIPALITIES WORLDWIDE, An Assessment of Mu- nicipal Web Sites Throughout the World. The E-Governance Insti- tute/ National Center for Public Productivity Rutgers, the State University of New Jersey, Campus at Newark. 2003. [11] Holzer, Maroc, and Aroon Manoharan. Global Trends in Munici- pal E-Government: An Online Assessment of Worldwide Munici- pal Web Portals. [12] Holzer, Mark, and Seang-Tae Kim. DIGITAL GOVERNANCE IN MUNICIPALITIES WORLDWIDE (2007), A Longitudinal Assessment of Municipal Web Sites Throughout the World. The E-Governance Institute/ National Center for Public Productivity Rutgers, the State University of New Jersey, Campus at Newark. 2007. [13] West, Darrel. Global e-government. http://www.insidepolitics.org/ egovtdata.html. 2005. [14] West, Darrel. Global e-government. http://www.insidepolitics.org/ egovtdata.html. 2006. [15] West, Darrel. Global e-government. http://www.insidepolitics.org/ egovtdata.html. 2007. [16] e-business infrastructure, W.H. Inmon, http://www.business.aau.dk/oekostyr/file/e-business_infrastructu re.pdf. Billinmon.com 2000, 2010. [17] Thein, N.; Naing, T.T., Grid Security Framework for Managing the Certificate, Web Intelligence, 2006. WI 2006. IEEE/WIC/ACM International Conference on Volume , Issue , Dec. 2006 Page(s):166 – 169. [18] Dawn Jutla, Peter Bodorik and Yie Wang, Developing internet e- commerce benchmarks, Information Systems. Volume 24, Issue 6, September 1999, Pages 475-493. doi:10.1016/S0306-4379(99) 00028-9 [19] Brian Cusack, Assessing Business Value of IT and IS Risk: Secu- rity Issues, 20th Australasian Conference on Information Systems, 2009. iJIM – Volume 4, Issue 4, October 2010 23 http://www.securecomputing.com/gateway/digital_certificates.cfm. 2008� http://www.securecomputing.com/gateway/digital_certificates.cfm. 2008� http://www.conjecture.com/� http://www.wisegeek.com/what-are-digital-certificates.htm. 2008� http://www.moict.gov.jo/moict/e_gov_strategy/e-Government �Strategy.pdf� http://www.moict.gov.jo/moict/e_gov_strategy/e-Government �Strategy.pdf� http://www.ameinfo.com/26458.html� http://www.jo.zain.com-/English/Business/BusinessServices/Pag�es/E-Government.aspx� http://www.jo.zain.com-/English/Business/BusinessServices/Pag�es/E-Government.aspx� http://www.insidepolitics.org/�egovtdata.html� http://www.insidepolitics.org/�egovtdata.html� http://www.insidepolitics.org/�egovtdata.html� http://www.insidepolitics.org/�egovtdata.html� http://www.insidepolitics.org/�egovtdata.html. 2007� http://www.insidepolitics.org/�egovtdata.html. 2007� http://www.business.aau.dk/oekostyr/file/e-business_infrastructu� http://www.sciencedirect.com/science/journal/03064379� http://www.sciencedirect.com/science?_ob=PublicationURL&_tockey=%23TOC%235646%231999%23999759993%23146108%23FLP%23&_cdi=5646&_pubType=J&view=c&_auth=y&_acct=C000050221&_version=1&_urlVersion=0&_userid=10&md5=11f2c5d8d1df3e621e0f0a144467c400� http://dx.doi.org/10.1016/S0306-4379%2899%2900028-9� http://dx.doi.org/10.1016/S0306-4379%2899%2900028-9� BUILDING AN E-COMMERCE INFRASTRUCTURE IN JORDAN: CHALLENGES AND REQUIREMENTS AUTHORS Dr. Muhannad Al-Shboul is a member of the Re- searchers' Association and with the Computer Center, The University of Jordan, Amman, CO 11942 Jordan (e-mail: malshboul@ju.edu.jo). Dr. Izzat Alsmadi is with the Department of Computer Information Systems, Yarmouk University, Irbid, CO 21163 Jordan (e-mail: ialsmadi@yu.edu.jo). Submitted, August 11, 2010. Published as resubmitted by the authors on September 27, 2010. 24 http://www.i-jim.org