Based on the BAFA case study, identify all the possible roles that a security policy for the BAFA website might require. (For the purposes of this exercise, assume that the BAFA website incorporates the BAFRA and BAFCA sites, for officials and coaches respectively.)
For each role, what information do they require to be able to read and to write/modify?
Outline how you would implement this policy in Apache.