Since most of the communication between mesos components will happen through HTTP with the arrival of the HTTP API, it makes sense to use HTTP standard mechanisms to authenticate this communication.
Implement AuthN handling in Master for the Scheduler endpoint
Agent HTTP Authentication
Add authentication to master endpoints
Add basic auth security to mesos-master web port (web/rest api)