Here is the list of what a TioSafe plugin must implements. Along the access to data, the plugin must make sure it can not be accessed anonymously, this should use the application framework if possible. Another requirement is that the plugin authenticates himself to the TioSafe server using the oauth protocol.
See documentation about Oauth :