UserAccount

Purpose

A UserAccount represents the presence of an active user account in an access control mechanism.

Connections

UserAccount and Neighboring Objects

| Object | Connection | Description | Function |
|---|---|---|---|
| User | Authentication | A connection to User tells which User owns/can use the UserAccount. | If there is no user, it is not possible to extract a password from him/her (ExtractFromUser). |
| Keystore | Authorization | Connection to a Keystore object denotes that the UserAccount is stored in this particular Keystore. | A missing connection to a Keystore prevents compromise to a UserAccount through a Keystore. |
| AccessControl | Root Authorization | Denotes that the UserAccount is a root/admin account to the AccessControl. | One association to AccessControl is mandatory. |
| AccessControl | Non-Root Authorization | Denotes that the UserAccount is a regular user account to the AccessControl. | One association to AccessControl is mandatory. |

Attack Steps and Defenses

Attack Steps and Defenses

| Attack Step | Description | Leads to |
|---|---|---|
| Compromise | The attacker is able to control/own the UserAccount. | AccessControl: NonRootLogin, AccessControl: RootLogin |
| ExtractFromUser | An attacker extracts credentials from a targeted User by any means available within social engineering. | UserAccount: Compromise |
| GuessOffline | Retrieving credentials through password cracking from a password repository that is locally accessible. Often some form of tool for automated cracking is used. | UserAccount: Compromise |
| GuessOnline | Guessing credentials online. Influenced by the existence of default passwords, whether a proactive password checker is used, whether a back-off technique is used, and whether a scan has been done by a network vulnerability scanner. | UserAccount: Compromise |

 

| Defense | Description | Default |
|---|---|---|
| None | There are no defenses associated with the UserAccount object. | n/a |