The cybersecurity industry speaks constantly about assurance. The underlying concept remains undefined across frameworks, governance models, and vendor architectures.
Admission systems validated identity correctly across all three cases. Post-admission verification did not bound adversary dwell time in any of them. The structural question is whether admission remains a security control or has become an accounting mechanism.
