A Client object represents a piece of software able to establish communication via the network. When modeling, Client software is in general seen as the software initiating communication in an information exchange. Only network related applications, capable of initiating a communication, shall be modeled as Client objects.
Non-Root Client Execution
Which Host object the Client software is hosted by/running on. Non-Root is telling that it is run as a regular/non-privileged user.
Root Client Execution
Which Host object the Client software is hosted by/running on. Root is telling that it is run as the root/administrator system user.
When a Client is contacting a Service object, requesting some piece of data, it is done via the connected Dataflow object.
A missing Dataflow association can prevent ManInTheMiddle, DenialOfService, Access and Request attacks.
Denotes information storage that is reachable by the Client e.g. a cache or files on the file system where the Client has the appropriate rights.
A missing Datastore has no direct impact on the Client but can prevent Read and Write access to the Datastore from the Client.
A connection to a Keystore object denotes that the Keystore is hosted by the Client.
A missing connection to a Keystore prevents Read access on a Keystore through Clients.
Describes what type of software the client is, or, actually, what properties it has.
The Client object has an extra attribute; Existence. Existence can be either On, Off or set to a probability between 0 and 1. Existence is used to set a probability to an object being present or not. Examples of use cases are found in the Attack Vector chapter. The default value for Existence is On.
ypassing the anti malware software protecting the client.
ypassing the Host IDS (HIDS) if one exists.
The possibility to control/own it. If the Host object the Client is connected to (hosted by) is compromised, the Client is also considered to be compromised.
Denial of Service
The possibility to block the service this application is supposed to provide.
The possibility to use a vulnerability of the client
The possibility to discover a vulnerability related to this client.
Accessing the client as a regular user from the network.
Denotes whether the Client has all applicable software security patches implemented.
Can prevent an Attacker from obtaining an exploit.
Updated about 1 year ago