Disposable gloves and security assurance
With the advent of the ITSEC standard (solidified with its inclusion in the Common Criteria) we got the idea of assurance requirements in security. We’ve always had functional requirements: functional requirements are, basically, everything that we do. All the technical stuff is functional. Assurance, as a concept, is a bit elusive.
Some people think assurance is tied to metrics. Yes, we use metrics for assurance, but assurance isn’t just about metrics (and we can all think of some metrics that are absolutely pointless for assurance).
As a teacher, I’m always looking for examples to illustrate concepts like this. And my wife pointed one out the other day.
Disposable gloves. The really thin, cheap kind that the fast food places are, more and more, starting to use.
The functional requirement here is hygiene, yes? We don’t want germs from dirty hands contaminating the food. We used to use handwashing as the functional security. However, there is no assurance in that control (or, at least, not one that is easy to see, and thus be assured of). Aside from really filthy hands (which actually might not be germ-laden), unwashed hands look about the same as washed hands.
But you can see gloves. Therefore, you have assurance that the functional requirement is being fulfilled. Therefore, gloves have an assurance component which hand-washing does not have.
(Disposable gloves actually have an additional assurance component, protecting against re-use. Gloves that are not disposable could be used all day, and get contaminated themselves. But, because these gloves are cheap and disposable, you can see the staff taking a new pair whenever they start making a new item.)