ACLs

Some form of ACL system will be required.

General thought at the moment is that each ACL has a wildcard domain filter, and possibly a provider filter. Non-server nodes then use the token for this ACL in API communication and results are filtered accordingly. 
