Please look at the 6th chapter and write a paper based on the following: 

The network restrictions surrounding the web authentication service is one layer of defense. 

As was noted, this component is too valuable to trust to a single defense. 

And the authentication requests are tendered by the least-trusted component in the architecture. 

That component, HTTP termination, resides on the least-trusted network. 

What additional steps can be taken?

Please state examples. 

Minimum of two references needed. 

1-2 pages (no strict word limit)