Deny-by-default

The deny-by-default principle allows compromised nodes to access only authorized services.