We need to define the categories of user and, at least for some of them, provide an authentication mechanism. So mechanisms are needed to:
- Securely and efficiently store information about regular users
- Authenticate users
- Manage the stored information about users
- Provide for user "self service"
- Customize or extend user information