Security

   - for incoming commands/messages
     - ensuring sender/issuer is who we think it is
       (pwd vs knowledge/access to entry point)
     - ensuring they have permission to issue their request
     - validating the correctness of the request
     - avoiding/mitigating/recovering from destructive requests
     - how to share usernames/passwords

   - for stored data
     - configuration files
     - data files
     - cookies, registry keys
     - session settings
     - secrecy of location (who knows where it is, who can access it)
     - encryption/decryption

   - for transmitted messages
     - encrypt all or part
     - how to share encryption formats/keys