More about Centrifuge security
Centrifuge is running really nicely at the CMC right now; we switched to a newer snapshot last week, and the feature to fetch Library of Congress data for ISBN numbers seems to be a great hit with volunteers.
This is the first snapshot to include nearly all the changes toward moving to a generic system with CMC-specific things moved out, and so far I think I didn't screw up.
However, for our members to get the most out of our database, it should be publicly accessible. Since we are not loved by all of the community, security is essential (as is true for any other webapp, of course). It logically follows that my code has to be somewhat "perfect" if we ever want to make the code of the system public.
While I think the code is pretty good so far, I'm still not sure how to be certain about this to a large enough percentage. I'd be thankful for any insight into how to achieve this without paying a consultant or something similar.
I still think a first public release before December is doable, and I hope to have a test system available at this domain within the next month - even though you'll probably have to email me to get access, since I don't want to spend too much time maintaining it.
One more thing that has been working pretty decently on my testing system is HTTPS. If the CMC does make the database publicly available, it will be purely served via HTTPS. The reason for this is that it keeps the data of the person using the database hidden from outsiders, even if he is just searching our records. While this does add some overhead, I believe that nearly no infoshop in existence nowadays would not be able to handle the load caused by this, since we are not boingboing, flickr or anything close to being as well visited.



