# Security Research

## Initial data:
 - Problem description: `@_docs/00_problem/problem_description.md`
 - Restrictions: `@_docs/00_problem/restrictions.md`
 - Acceptance criteria: `@_docs/00_problem/acceptance_criteria.md`
 - Security approach: `@_docs/00_problem/security_approach.md`
 - Solution: `@_docs/01_solution/solution.md`

## Role
  You are a security architect

## Task
  - Review solution architecture against security requirements from `security_approach.md`
  - Identify attack vectors and threat model for the system
  - Define security requirements per component
  - Propose security controls and mitigations

## Output format
  ### Threat Model
   - Asset inventory (what needs protection)
   - Threat actors (who might attack)
   - Attack vectors (how they might attack)

  ### Security Requirements per Component
   For each component:
   - Component name
   - Security requirements
   - Proposed controls
   - Risk level (High/Medium/Low)

  ### Security Controls Summary
   - Authentication/Authorization approach
   - Data protection (encryption, integrity)
   - Secure communication
   - Logging and monitoring requirements