• xThreat Vector: Repudiation
IDNameBaselinesThreats
LowModerateHighPrivacy
AC-2Account Management STRIDE-LM
(2)Automated Temporary and Emergency Account Management  STRIDE-LM
(3)Disable Accounts  STRIDE-LM
(4)Automated Audit Actions  STRIDE-LM
(8)Dynamic Account Management    STRIDE-LM
(12)Account Monitoring for Atypical Usage   STRIDE-LM
AC-3(2)Dual Authorization    STRIDE-LM
AC-6(9)Log Use of Privileged Functions  STRIDE-LM
AC-7(2)Purge or Wipe Mobile Device    STRIDE-LM
AC-11Device Lock  STRIDE-LM
AC-25Reference Monitor    STRIDE-LM
AU-3Content of Audit Records STRIDE-LM
AU-6Audit Record Review, Analysis, and Reporting STRIDE-LM
(3)Correlate Audit Record Repositories  STRIDE-LM
(5)Integrated Analysis of Audit Records   STRIDE-LM
(6)Correlation with Physical Monitoring   STRIDE-LM
(9)Correlation with Information from Nontechnical Sources    STRIDE-LM
AU-10Non-repudiation   STRIDE-LM
(1)Association of Identities    STRIDE-LM
(2)Validate Binding of Information Producer Identity    STRIDE-LM
(3)Chain of Custody    STRIDE-LM
(4)Validate Binding of Information Reviewer Identity    STRIDE-LM
AU-13(2)Review of Monitored Sites    STRIDE-LM
AU-14Session Audit    STRIDE-LM
(1)System Start-up    STRIDE-LM
(3)Remote Viewing and Listening    STRIDE-LM
AU-16Cross-organizational Audit Logging    STRIDE-LM
(3)Disassociability    STRIDE-LM
IA-2Identification and Authentication (organizational Users) STRIDE-LM
(1)Multi-factor Authentication to Privileged Accounts STRIDE-LM
(2)Multi-factor Authentication to Non-privileged Accounts STRIDE-LM
(5)Individual Authentication with Group Authentication   STRIDE-LM
IA-4Identifier Management STRIDE-LM
(1)Prohibit Account Identifiers as Public Identifiers    STRIDE-LM
(4)Identify User Status  STRIDE-LM
(5)Dynamic Management    STRIDE-LM
(6)Cross-organization Management    STRIDE-LM
IA-5Authenticator Management STRIDE-LM
(1)Password-based Authentication STRIDE-LM
(2)Public Key-based Authentication  STRIDE-LM
(5)Change Authenticators Prior to Delivery    STRIDE-LM
(9)Federated Credential Management    STRIDE-LM
(10)Dynamic Credential Binding    STRIDE-LM
(12)Biometric Authentication Performance    STRIDE-LM
(13)Expiration of Cached Authenticators    STRIDE-LM
(14)Managing Content of Pki Trust Stores    STRIDE-LM
(16)In-person or Trusted External Party Authenticator Issuance    STRIDE-LM
(17)Presentation Attack Detection for Biometric Authenticators    STRIDE-LM
(18)Password Managers    STRIDE-LM
IA-8Identification and Authentication (non-organizational Users) STRIDE-LM