** Serves as a data and business logic abstraction layer
* The REST API will be implemented using HTTPS and REST principles
** Clients are required to validate the certificate (at least via CA)
* The REST API uses JSON as the primary data interchange format (serialization of data structures should be abstracted), other formats should be possible in the future.
* Authentication via Basic HTTP-Auth