Credential

Access Control Configuration

Access Control Group

Access Control List

Access Mediator

Access Process

Access Token

Activity Dependency

Actuator

Address Space

Administrative Network Traffic

Alias

Allocate Memory

Anonymous Pipe

Application

Application Configuration

Application Configuration Database

Application Configuration Database Record

Application Configuration File

Application Installer

Application Inventory Sensor

Application Layer Firewall

Application Layer Link

Application Process

Application Process Configuration

Application Rule

Application Shim

Archive File

Artifact Server

Asset Inventory Agent

Asymmetric Key

Audio Input Device

Authenticate User

Authentication Function

Authentication Log

Authentication Server

Authentication Service

Authorization Log

Authorization Service

Barcode Scanner Input Device

Binary Large Object

Binary Segment

Bitmap Image

Bitmap Image File

Block Device

Boot Loader

Boot Record

Boot Sector

Browser

Browser Extension

Build Tool

Bus Message

Bus Network

Bus Network Frame

Bus Network Node

Bus Network Traffic

Business Communication Platform Client

CA Certificate File

Processor Cache Memory

Call Stack

Central Processing Unit

Certificate

Certificate File

Certificate Trust Store

Chatroom Client

Child Process

Client Application

Client Computer

Clipboard

Cloud Configuration

Cloud Instance Metadata

Cloud Service Sensor

Cloud Storage

Cloud User Account

Code Analyzer

Code Repository

Codec Application

Codec Library

Collaborative Software

Network Agent

Command

Command History Log

Command History Log File

Command Line Interface

Compiler

Compiler Configuration File

Computer Network Node

Computer Platform

Computing Image

Computing Server

Computing Snapshot

Configuration Database

Configuration Database Record

Configuration File

Configuration Management Database

Configuration Resource

Connect Socket

Console Output Function

Container Build Tool

Container Image

Container Orchestration Software

Container Process

Container Runtime

Content Policy

Copy Memory Function

Copy Token

Create File

Create Process

Create Socket

Create Thread

Credential

Credential Management System

Cryptographic Key

Custom Archive File

Cyber Sensor

DHCP Network Traffic

DHCP Server

DNS Lookup

DNS Network Traffic

DNS Record

DNS Server

Data Artifact Server

Data Dependency

Data Link Link

Database

Database File

Database Query

Database Record

Database Server

Decoder Application

Decoy Artifact

Default User Account

Delete File

Dependency

Deserialization Function

Desktop Computer

Developer Application

Dial Up Modem

Differential Volume Snapshot

Digital Artifact

Digital Audio

Digital Audio Visual Media

Digital Document

Digital Event Record

Digital Fingerprint

Digital Identity

Digital Image

Digital Information

Digital Information Bearer

Digital Media

Digital Message

Digital Multimedia

Digital System

Digital Text

Digital Video

Properties

id: d3f:Credential

name: Credential
definition: A credential is a physical/tangible object, a piece of knowledge, or a facet of a person's physical being that enables an individual access to a given physical facility or computer-based information system. Typically, credentials can be something a person knows (such as a number or PIN), something they have (such as an access badge), something they are (such as a biometric feature), something they do (measurable behavioral patterns) or some combination of these items. This is known as multi-factor authentication. The typical credential is an access card or key-fob, and newer software can also turn users' smartphones into access devices.
defined by: http://dbpedia.org/resource/Access_control#Credential
see also: http://dbpedia.org/resource/Access_control

json

Neighbors

        graph LR;

     d3f:Credential["Credential"] --> | authenticates | d3f:UserAccount["User Account"];
          class d3f:Credential RootArtifactNode; class d3f:UserAccount ArtifactNode;
          click d3f:Credential href "/dao/artifact/d3f:Credential";
          click d3f:UserAccount href "/dao/artifact/d3f:UserAccount";

Inferred Relationships

This page is experimental and may change significantly in future releases.

Hierarchy

(filtered)

Related Countermeasure Techniques

        graph LR;

      TokenBinding["Token Binding"] -->
          | strengthens | AccessToken["Access Token"]; class TokenBinding DefensiveTechniqueNode; class AccessToken ArtifactNode; click TokenBinding href "/technique/d3f:TokenBinding"; click AccessToken href "/dao/artifact/d3f:AccessToken";Token-basedAuthentication["Token-based Authentication"] -->
          | uses | AccessToken["Access Token"]; class Token-basedAuthentication DefensiveTechniqueNode; class AccessToken ArtifactNode; click Token-basedAuthentication href "/technique/d3f:Token-basedAuthentication"; click AccessToken href "/dao/artifact/d3f:AccessToken";DecoyUserCredential["Decoy User Credential"] -->
          | spoofs | Credential["Credential"]; class DecoyUserCredential DefensiveTechniqueNode; class Credential ArtifactNode; click DecoyUserCredential href "/technique/d3f:DecoyUserCredential"; click Credential href "/dao/artifact/d3f:Credential";CredentialCompromiseScopeAnalysis["Credential Compromise Scope Analysis"] -->
          | analyzes | Credential["Credential"]; class CredentialCompromiseScopeAnalysis DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialCompromiseScopeAnalysis href "/technique/d3f:CredentialCompromiseScopeAnalysis"; click Credential href "/dao/artifact/d3f:Credential";AuthenticationCacheInvalidation["Authentication Cache Invalidation"] -->
          | deletes | Credential["Credential"]; class AuthenticationCacheInvalidation DefensiveTechniqueNode; class Credential ArtifactNode; click AuthenticationCacheInvalidation href "/technique/d3f:AuthenticationCacheInvalidation"; click Credential href "/dao/artifact/d3f:Credential";CredentialRevocation["Credential Revocation"] -->
          | deletes | Credential["Credential"]; class CredentialRevocation DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialRevocation href "/technique/d3f:CredentialRevocation"; click Credential href "/dao/artifact/d3f:Credential";CredentialTransmissionScoping["Credential Transmission Scoping"] -->
          | isolates | Credential["Credential"]; class CredentialTransmissionScoping DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialTransmissionScoping href "/technique/d3f:CredentialTransmissionScoping"; click Credential href "/dao/artifact/d3f:Credential";ReissueCredential["Reissue Credential"] -->
          | restores | Credential["Credential"]; class ReissueCredential DefensiveTechniqueNode; class Credential ArtifactNode; click ReissueCredential href "/technique/d3f:ReissueCredential"; click Credential href "/dao/artifact/d3f:Credential";CredentialRotation["Credential Rotation"] -->
          | regenerates | Credential["Credential"]; class CredentialRotation DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialRotation href "/technique/d3f:CredentialRotation"; click Credential href "/dao/artifact/d3f:Credential";CredentialHardening["Credential Hardening"] -->
          | hardens | Credential["Credential"]; class CredentialHardening DefensiveTechniqueNode; class Credential ArtifactNode; click CredentialHardening href "/technique/d3f:CredentialHardening"; click Credential href "/dao/artifact/d3f:Credential";Multi-factorAuthentication["Multi-factor Authentication"] -->
          | uses | Credential["Credential"]; class Multi-factorAuthentication DefensiveTechniqueNode; class Credential ArtifactNode; click Multi-factorAuthentication href "/technique/d3f:Multi-factorAuthentication"; click Credential href "/dao/artifact/d3f:Credential";StrongPasswordPolicy["Strong Password Policy"] -->
          | strengthens | Password["Password"]; class StrongPasswordPolicy DefensiveTechniqueNode; class Password ArtifactNode; click StrongPasswordPolicy href "/technique/d3f:StrongPasswordPolicy"; click Password href "/dao/artifact/d3f:Password";ChangeDefaultPassword["Change Default Password"] -->
          | strengthens | Password["Password"]; class ChangeDefaultPassword DefensiveTechniqueNode; class Password ArtifactNode; click ChangeDefaultPassword href "/technique/d3f:ChangeDefaultPassword"; click Password href "/dao/artifact/d3f:Password";One-timePassword["One-time Password"] -->
          | use-limits | Password["Password"]; class One-timePassword DefensiveTechniqueNode; class Password ArtifactNode; click One-timePassword href "/technique/d3f:One-timePassword"; click Password href "/dao/artifact/d3f:Password";PasswordRotation["Password Rotation"] -->
          | regenerates | Password["Password"]; class PasswordRotation DefensiveTechniqueNode; class Password ArtifactNode; click PasswordRotation href "/technique/d3f:PasswordRotation"; click Password href "/dao/artifact/d3f:Password";PasswordAuthentication["Password Authentication"] -->
          | uses | Password["Password"]; class PasswordAuthentication DefensiveTechniqueNode; class Password ArtifactNode; click PasswordAuthentication href "/technique/d3f:PasswordAuthentication"; click Password href "/dao/artifact/d3f:Password";DecoySessionToken["Decoy Session Token"] -->
          | spoofs | SessionToken["Session Token"]; class DecoySessionToken DefensiveTechniqueNode; class SessionToken ArtifactNode; click DecoySessionToken href "/technique/d3f:DecoySessionToken"; click SessionToken href "/dao/artifact/d3f:SessionToken";

Related Weaknesses

Credential has no related weaknesses in this release.

Related Offensive Techniques

        graph LR;

    T1134001["Token Impersonation/Theft"] --> |copies| AccessToken["Access Token"]; class T1134001 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1134001 href "/offensive-technique/attack/T1134.001/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1134002["Create Process with Token"] --> |copies| AccessToken["Access Token"]; class T1134002 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1134002 href "/offensive-technique/attack/T1134.002/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1134003["Make and Impersonate Token"] --> |copies| AccessToken["Access Token"]; class T1134003 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1134003 href "/offensive-technique/attack/T1134.003/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1550001["Application Access Token"] --> |uses| AccessToken["Access Token"]; class T1550001 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1550001 href "/offensive-technique/attack/T1550.001/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1528["Steal Application Access Token"] --> |accesses| AccessToken["Access Token"]; class T1528 OffensiveTechniqueNode;
        class AccessToken ArtifactNode; click T1528 href "/offensive-technique/attack/T1528/"; click AccessToken href "/dao/artifact/d3f:AccessToken";T1098001["Additional Cloud Credentials"] --> |creates| Credential["Credential"]; class T1098001 OffensiveTechniqueNode;
        class Credential ArtifactNode; click T1098001 href "/offensive-technique/attack/T1098.001/"; click Credential href "/dao/artifact/d3f:Credential";T1552["Unsecured Credentials"] --> |accesses| Credential["Credential"]; class T1552 OffensiveTechniqueNode;
        class Credential ArtifactNode; click T1552 href "/offensive-technique/attack/T1552/"; click Credential href "/dao/artifact/d3f:Credential";T1142["Keychain"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1142 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1142 href "/offensive-technique/attack/T1142/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1003003["NTDS"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003003 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1003003 href "/offensive-technique/attack/T1003.003/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1003005["Cached Domain Credentials"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003005 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1003005 href "/offensive-technique/attack/T1003.005/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1003008["/etc/passwd and /etc/shadow"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003008 OffensiveTechniqueNode;
        class EncryptedCredential ArtifactNode; click T1003008 href "/offensive-technique/attack/T1003.008/"; click EncryptedCredential href "/dao/artifact/d3f:EncryptedCredential";T1558["Steal or Forge Kerberos Tickets"] --> |may-access| KerberosTicket["Kerberos Ticket"]; class T1558 OffensiveTechniqueNode;
        class KerberosTicket ArtifactNode; click T1558 href "/offensive-technique/attack/T1558/"; click KerberosTicket href "/dao/artifact/d3f:KerberosTicket";T1558["Steal or Forge Kerberos Tickets"] --> |may-create| KerberosTicket["Kerberos Ticket"]; class T1558 OffensiveTechniqueNode;
        class KerberosTicket ArtifactNode; click T1558 href "/offensive-technique/attack/T1558/"; click KerberosTicket href "/dao/artifact/d3f:KerberosTicket";T1558001["Golden Ticket"] --> |forges| KerberosTicketGrantingTicket["Kerberos Ticket Granting Ticket"]; class T1558001 OffensiveTechniqueNode;
        class KerberosTicketGrantingTicket ArtifactNode; click T1558001 href "/offensive-technique/attack/T1558.001/"; click KerberosTicketGrantingTicket href "/dao/artifact/d3f:KerberosTicketGrantingTicket";T1110001["Password Guessing"] --> |accesses| Password["Password"]; class T1110001 OffensiveTechniqueNode;
        class Password ArtifactNode; click T1110001 href "/offensive-technique/attack/T1110.001/"; click Password href "/dao/artifact/d3f:Password";T1110002["Password Cracking"] --> |accesses| Password["Password"]; class T1110002 OffensiveTechniqueNode;
        class Password ArtifactNode; click T1110002 href "/offensive-technique/attack/T1110.002/"; click Password href "/dao/artifact/d3f:Password";T1110003["Password Spraying"] --> |accesses| Password["Password"]; class T1110003 OffensiveTechniqueNode;
        class Password ArtifactNode; click T1110003 href "/offensive-technique/attack/T1110.003/"; click Password href "/dao/artifact/d3f:Password";T1550004["Web Session Cookie"] --> |adds| SessionCookie["Session Cookie"]; class T1550004 OffensiveTechniqueNode;
        class SessionCookie ArtifactNode; click T1550004 href "/offensive-technique/attack/T1550.004/"; click SessionCookie href "/dao/artifact/d3f:SessionCookie";T1539["Steal Web Session Cookie"] --> |accesses| SessionCookie["Session Cookie"]; class T1539 OffensiveTechniqueNode;
        class SessionCookie ArtifactNode; click T1539 href "/offensive-technique/attack/T1539/"; click SessionCookie href "/dao/artifact/d3f:SessionCookie";