azionelab/docs/security.md

# Security

AzioneLab security assumptions and controls are documented in [security-notes.md](security-notes.md).

The initial security model covers:

- public website access;
- authenticated administration and check-in;
- reservation privacy;
- opaque token handling;
- QR code privacy;
- server-side capacity validation;
- deployment and logging assumptions.