Abstract: Authentication plays a vital role in many secure
systems. Most of these systems require the user to log in with his or
her secret password or pass phrase before entering. This ensures that
all valuable information is kept confidential, while also guaranteeing
its integrity and availability. However, to achieve this goal, users
are required to memorize high-entropy passwords or pass phrases.
Unfortunately, users sometimes have difficulty remembering
meaningless strings of data. This paper presents a new scheme which
assigns a weight to each personal question given to the user for
revealing the encrypted secrets or password. The focus of this
scheme is to offer fault tolerance to users by allowing them to forget
the specific password to a subset of questions and still recover the
secret and achieve successful authentication. A comparison of the
level of security of weight-based and weightless secret recovery
schemes is also discussed. The paper concludes with a few areas that
require more investigation in this research.
Abstract: Phishing is a newly emerged security issue of
e-commerce crime in globalization. In this paper, the legal frameworks
of Malaysia, the United States and the United Kingdom are analyzed,
followed by a discussion of critical issues that arose due to phishing
activities. The results revealed that the inadequacy of the current
legal framework is the main challenge in governing this epidemic.
However, lack of awareness among consumers, a crisis over the
merchant's responsibility, and lack of intrusion reports and incentive
arrangements contribute to the proliferation of phishing. Prevention is
always better than cure. By the end of this paper, some best practices
for consumers and corporations are suggested.