  1. Bitrepository
  2. BITMAG-410

Replay Attack Vulnerability


Details

    • Improvement
    • Resolution: Rejected
    • Minor
    • Proposals
    • None
    • Protocol, Security
    • None
    • Not relevant

    Description

      The authorization strategy currently employed for operation permissions is potentially vulnerable to a replay attack as there is currently no way to check the age/uniqueness of a request.

      This issue could be solved by including a "lastValidTime" in each request indicating the last time a pillar should start processing it. An alternative solution could involve using the correlation id of the message in some way, either by disallowing duplicate usage of a given correlation id (could potentially entail storing all previously seen correlation ids - bad) or mandating the usage of v. 1 UUIDs and using the time component there as a timestamp (not that great of a solution either).
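
The first two ideas in the description can be combined: if every request carries a lastValidTime, a pillar only has to remember a correlation id until that time has passed, which bounds the store of seen ids. The sketch below is an added example, not Bitrepository code; `ReplayGuard`, `max_window`, `uuid1_unix_time` and the encoding of lastValidTime as Unix seconds are assumptions, and it presumes both fields are covered by whatever authenticates the message.

```python
import time
import uuid

# Offset between the UUID v1 epoch (1582-10-15) and the Unix epoch, in 100 ns ticks.
UUID1_EPOCH_OFFSET = 0x01B21DD213814000


def uuid1_unix_time(correlation_id):
    """Creation time embedded in a version 1 UUID, as Unix seconds (third idea above)."""
    u = uuid.UUID(correlation_id)
    if u.version != 1:
        raise ValueError("correlation id is not a version 1 UUID")
    return (u.time - UUID1_EPOCH_OFFSET) / 1e7


class ReplayGuard:
    """Pillar-side freshness check (hypothetical class, not part of Bitrepository)."""

    def __init__(self, max_window=300.0, clock=time.time):
        self.max_window = max_window  # longest validity a sender may request (assumed policy)
        self.clock = clock            # injectable so the check can be tested deterministically
        self.seen = {}                # correlation id -> lastValidTime of the accepted request

    def check(self, correlation_id, last_valid_time):
        """Return (accepted, reason) for a request that has already been authenticated."""
        now = self.clock()
        # Forget ids whose deadline has passed: replaying them fails the expiry check below.
        self.seen = {c: t for c, t in self.seen.items() if t >= now}
        if last_valid_time < now:
            return False, "expired"
        # Without an upper bound a sender could force ids to be stored indefinitely.
        if last_valid_time - now > self.max_window:
            return False, "validity window too long"
        if correlation_id in self.seen:
            return False, "duplicate correlation id"
        self.seen[correlation_id] = last_valid_time
        return True, "ok"
```

The check relies on sender and pillar clocks being roughly synchronized; any skew allowance has to be added to the expiry comparison.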

          People

            Unassigned
            mira@kb.dk Michael Rasmussen (Inactive)