Need to add capability to specify permissions to allow/disallow executions of particular services (similar to compute tasks).
The following permissions should be added to the SecurityPermission enum:
SERVICE_DEPLOY - for IgniteServices.deployXXX methods.
SERVICE_CANCEL - for IgniteServices.cancel and IgniteServices.cancelAll methods.
SERVICE_INVOKE - for IgniteServices.service, IgniteServices.services and IgniteServices.serviceProxy methods.
SERVICE_INVOKE should allow fine-grained authorization based on service name, similar to TASK_EXECUTE. E.g., a particular user should be able to execute service A, but not service B.