UserAccount

Purpose

A UserAccount represents the presence of an active user account in an access control mechanism.

Connections

UserAccount and Neighboring Objects
| Object | Connection | Description | Function |
|---|---|---|---|
| User | Authentication | A connection to User tells which User owns/can use the UserAccount. | If there is no user, it is not possible to extract a password from him/her (ExtractFromUser). |
| Keystore | Authorization | Connection to a Keystore object denotes that the UserAccount is stored in this particular Keystore. | A missing connection to a Keystore prevents compromise to a UserAccount through a Keystore. |
| AccessControl | Root Authorization | Denotes that the UserAccount is a root/admin account to the AccessControl. | One association to AccessControl is mandatory. |
| AccessControl | Non-Root Authorization | Denotes that the UserAccount is a regular user account to the AccessControl. | One association to AccessControl is mandatory. |

Attack Steps and Defenses

UserAccount Attack Steps and Defenses
| Attack Step | Description | Leads to |
|---|---|---|
| Compromise | The possibility to control/own it. | AccessControl: NonRootLogin, AccessControl: RootLogin |
| GuessOffline | Retrieving credentials from a locally accessible password repository through password cracking. Often some form of automated cracking tool is used. | UserAccount: Compromise |
| GuessOnline | Guessing credentials online. Influenced by the existence of default passwords, whether a proactive password checker is used, whether a back-off technique is used, and whether a scan has been done by a network vulnerability scanner. | UserAccount: Compromise |

| Defense | Description | Default |
|---|---|---|
| MFA | MultiFactorAuthentication. If the credentials of a UserAccount are distributed over several Keystores, the Attacker needs to obtain all of them. | Off |
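
The connections, attack steps and MFA defense above can be exercised as a small attack-graph model. The Python below is an added example, not code from the tool this page documents. Its class layout, function names, sample object names, the rule that any one Keystore suffices when MFA is Off, and the mapping of root/non-root connection to RootLogin/NonRootLogin are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Optional

# Edges taken from the attack-step table above.
LEADS_TO = {"GuessOffline": "Compromise", "GuessOnline": "Compromise"}

@dataclass
class UserAccount:
    access_control: str                  # mandatory AccessControl association
    root: bool = False                   # Root vs. Non-Root Authorization
    user: Optional[str] = None           # Authentication connection to a User
    keystores: frozenset = frozenset()   # Keystores holding the credentials
    mfa: bool = False                    # MFA defense, default Off

    def __post_init__(self):
        if not self.access_control:
            raise ValueError("one association to AccessControl is mandatory")

def keystore_path_open(acct, stolen):
    """True if the Keystores the attacker holds are enough to compromise acct."""
    if not acct.keystores:
        return False                     # no Keystore connection, no such path
    held = frozenset(acct.keystores) & frozenset(stolen)
    if acct.mfa:
        return held == frozenset(acct.keystores)  # MFA On: every Keystore needed
    return bool(held)                    # assumption: MFA Off, any one suffices

def evaluate(acct, succeeded=(), stolen_keystores=()):
    """Return the attack steps reached for one account."""
    reached = set()
    for step in succeeded:
        if step == "ExtractFromUser" and acct.user is None:
            continue                     # no User to extract a password from
        reached.add(step)
        if step in LEADS_TO:
            reached.add(LEADS_TO[step])
    if keystore_path_open(acct, stolen_keystores):
        reached.add("Compromise")
    if "Compromise" in reached:
        # assumption: the connection type decides which login step follows
        login = "RootLogin" if acct.root else "NonRootLogin"
        reached.add("AccessControl: " + login)
    return reached

# Constructed sample: an admin account whose credentials sit in two Keystores.
admin = UserAccount("vpn", root=True, keystores=frozenset({"laptop", "token"}), mfa=True)
print(evaluate(admin, stolen_keystores={"laptop"}))           # MFA blocks it
print(evaluate(admin, stolen_keystores={"laptop", "token"}))  # all Keystores held
```

In this model MFA only gates the Keystore path; the guessing steps still follow the table's edges to Compromise, since the page does not state any effect of MFA on them.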