Commit dbccffe1 authored by Aeva Black, committed by Aeva Black

Remove bolding of UC-* from section headings

parent 57446eaf
+16 −16
@@ -451,24 +451,24 @@ Users of products may interact directly with the operating system, or the operat

**Editor's Note:** We anticipate that future revisions of this document may include additional use cases, such as for the following product scenarios: embedded devides, baseband management controllers, network interface cards, graphics cards, real-time applications, and special purpose operating systems.

### 4.7.1 **UC-LR** Operating system for learning and research
### 4.7.1 UC-LR: Operating system for learning and research
  * is not used for any purpose beyond learning and research
  * does not store any sensitive or useful data
  * security is provided entirely by the environment
  * is highly modified by the user

### 4.7.2 **UC-IoT-1** Non-internet-connected device such as a bluetooth speaker
### 4.7.2 UC-IoT-1: Non-internet-connected device such as a bluetooth speaker
  * does not store any user-specific data
  * has no means to connect directly to a public network
  * not intended to support hardware, software, or operating system changes

### 4.7.3 **UC-IoT-2** Internet-enabled power switch
### 4.7.3 UC-IoT-2: Internet-enabled power switch
  * connects to a central service, operated by the device manufacturer, for remote data processing
  * stores account information to authenticate to WiFi and to cloud service provider
  * has a minimalistic interface, such as a single button for pairing and a reset button
  * does not have accessible I/O ports

### 4.7.4 **UC-IoT-3** Internet-connected "smart home" device
### 4.7.4 UC-IoT-3: Internet-connected "smart home" device
  * e.g. a thermostat, fridge, or alarm system
  * connects to a central service, operated by the device manufacturer, for remote data process
  * stores account information to authenticate to WiFi and to cloud service provider
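Review bot: The commit message covers only the removal of bolding, but each new heading in this hunk also gains a colon after the identifier ("UC-LR:", "UC-IoT-1:" and so on); say so in the message so the heading format change is recorded. Two wording problems in the unchanged context are worth fixing while these lines are open: "embedded devides" in the Editor's Note should read "embedded devices", and the 4.7.4 bullet ends at "for remote data process" where the matching 4.7.3 bullet says "for remote data processing".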
@@ -477,12 +477,12 @@ Users of products may interact directly with the operating system, or the operat
  * may display personalized information, such as location-specific weather forecast
  * serviced by trained professionals who do not modify software or hardware outside of manufacturer specifications

### 4.7.5 **UC-RO-1** Consumer-grade home wireless router
### 4.7.5 UC-RO-1: Consumer-grade home wireless router
  * stores account information for authentication with ISP
  * not intended for end-user hardware or software modification
  * is exposed to the open internet

### 4.7.6 **UC-OT-1** Business-grade remote door locking system
### 4.7.6 UC-OT-1: Business-grade remote door locking system
  * does not store any user data
  * not intended for hardware or software modification
  * is not exposed to the open internet, and is only connected to trusted networks
@@ -490,7 +490,7 @@ Users of products may interact directly with the operating system, or the operat
  * does not have accessible I/O ports
  * hardware likely contains tamper-evident signals which operating system can rely on

### 4.7.7 **UC-MOB-1** Personal mobile device
### 4.7.7 UC-MOB-1: Personal mobile device
  * stores highly sensitive personal information
  * large number of sensors allow mass collection of sensitive personal data
  * size and cost make it a common target of theft
@@ -501,7 +501,7 @@ Users of products may interact directly with the operating system, or the operat
  * device frequently collects user's location at all times
  * device is often always on and always connected

### 4.7.8 **UC-WE-1** Wearable health tracker
### 4.7.8 UC-WE-1: Wearable health tracker
  * e.g. a smart watch or step tracker
  * stores information about a single user only
  * stored information may be highly sensitive, and is likely to be strictly structured (not arbitrary files)
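Review bot: The two context bullets at the top of this hunk, belonging to 4.7.7, use contradictory qualifiers: "frequently collects user's location at all times" and "often always on and always connected". For a use case that drives security requirements, the exposure should be stated one way or the other; suggest choosing either "frequently" or "at all times" in the first bullet and either "often" or "always" in the second.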
@@ -510,13 +510,13 @@ Users of products may interact directly with the operating system, or the operat
  * connections are proxied by a trusted device, such as a mobile phone
  * is not exposed to a public network

### 4.7.9 **UC-PC-1** Personal computer in a fixed and generally safe location
### 4.7.9 UC-PC-1: Personal computer in a fixed and generally safe location
  * hardware, software and operating system may be configured and modified by the end-user
  * the user may not be either highly skilled or an authorized representative of the manufacturer
  * foreseeably connects to a public network and to low-trust local networks, but is not reachable from the open internet
  * stores personal information and arbitrary files

### 4.7.10 **UC-PC-2** Enterprise workstation in a fixed and generally safe location
### 4.7.10 UC-PC-2: Enterprise workstation in a fixed and generally safe location
  * installed in an access-controlled workspace
  * serviced by trained professionals who may modify both software and hardware
  * connected to a public network with external mitigations, such as enterprise-grade firewalls
@@ -525,7 +525,7 @@ Users of products may interact directly with the operating system, or the operat
  * used for web browsing
  * stores business data, personal information and arbitrary files

### 4.7.11 **UC-LA-1** Personal laptop
### 4.7.11 UC-LA-1: Personal laptop
  * hardware, software and operating system may be configured and modified by the end-user
  * device is a foreseeable target of theft and tampering by untrusted 3rd parties
  * stores personal information and arbitrary files
@@ -533,7 +533,7 @@ Users of products may interact directly with the operating system, or the operat
  * is frequently connected to untrusted networks
  * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage

### 4.7.12 **UC-LA-2** Enterprise laptop
### 4.7.12 UC-LA-2: Enterprise laptop
  * hardware, software and operating system may be configured and modified by the end-user
  * serviced by trained professionals who may modify both software and hardware
  * device is a foreseeable target of theft and tampering by untrusted 3rd parties
@@ -542,7 +542,7 @@ Users of products may interact directly with the operating system, or the operat
  * is frequently connected to untrusted networks
  * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage

### 4.7.13 **UC-PS-1** Personal server
### 4.7.13 UC-PS-1: Personal server
   * one or a small number of trusted users
   * installed in a fixed location at home or in a cohosting facility
   * connected to a public network with a firewall
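Review bot: The bullets under 4.7.13 are indented three spaces, while the lists under the other headings visible in this diff use two. Since this is a formatting commit, normalise the UC-PS-1 list to two spaces so all use-case lists render and diff consistently.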
@@ -551,17 +551,17 @@ Users of products may interact directly with the operating system, or the operat
   * semi-professional semi-automated management by one or a few people
   * always stationary, access to hardware interfaces unlikely

### 4.7.14 **UC-SE-1** Enterprise server in a datacenter with no user accounts
### 4.7.14 UC-SE-1: Enterprise server in a datacenter with no user accounts
  * installed in a monitored and secured facility
  * serviced by trained professionals who may modify both software and hardware
  * connected to a public network with external mitigations, such as enterprise-grade firewalls
  * connects to trusted local networks
  * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage

### 4.7.15 **UC-SE-2** Enterprise server in a datacenter with only trusted user accounts
### 4.7.15 UC-SE-2: Enterprise server in a datacenter with only trusted user accounts
  * Same as UC-SE-2 but with trusted users

### 4.7.16 **UC-SE-3** Enterprise server in a datacenter hosting many untrusted user accounts
### 4.7.16 UC-SE-3: Enterprise server in a datacenter hosting many untrusted user accounts
  * Same as UC-SE-2 but with untrusted users

# 5 Requirements specifications
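Review bot: In 4.7.15 the only bullet reads "Same as UC-SE-2 but with trusted users" under the UC-SE-2 heading itself, so the use case is defined in terms of itself and has no characteristics of its own. It most likely should reference UC-SE-1, the one server use case in this hunk with a full list. 4.7.16 says "Same as UC-SE-2 but with untrusted users" and so inherits the same gap; once 4.7.15 is corrected, check whether 4.7.16 should point at UC-SE-1 directly.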