encrypted mode (this can be deactivated at server launch-time) and require all resources to
be protected by some application-specific security policy. The simplest security policy is
function Server.public, which marks resources as accessible by everyone. Most applications
require more fine-grained security policies, e.g. access control lists, group authorizations,
etc. To implement these policies, the library provides function Server.protect.