Who authenticates where
The native database software (e.g. specify), a local network node, and other network nodes are all likely to be spread across the network, with the native database software to local network node API using some form of web service or other network communication. Authentication of users could occur in several ways. .
On one end of the range of possibilities, authentication could be by just the user to the native database software, with implicit trust between the native database software and a local network node. This is clearly susceptible to attack (in both directions if the API calls for the local node to contact the native db).
At the other end of the range of possibilities, users could be authenticated individually into the network, with user credentials being maintained in some centralized manner. We most likely don't want to do this, as it could add a substantial system administration burden.
Handling authentication isn't quite as simple as saying we will let it happen on the edges and let nodes in the network authenticate with each other - the API for connecting to local nodes from native database software provides a potential attack route into the network and needs some thought about access control. Bold text