tupicAcademy

Default-Deny

article · 2026-06-12

Definition

The security posture in which any endpoint, action, or data access not explicitly permitted is refused. Financial systems fail CLOSED.

Worked Example

Middleware logic:

request -> is there an explicit permission rule allowing
           (role, endpoint, action)?
   yes -> proceed (and log)
   no  -> 403, always — including for endpoints added
          yesterday that nobody wrote rules for yet

Interpretation & Pitfalls

The alternative (default-allow) means every forgotten rule is a hole. Default-deny means every forgotten rule is a support ticket — annoying, but safe.
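The middleware logic above and the default-allow pitfall, as an added example that is not TupicFinance's own code. The rule table, role names and endpoints are constructed for illustration; the point is that an endpoint with no rule yet (here a constructed /admin/rotate-keys) gets 403 under default-deny but sails through under default-allow.

```python
import logging
from typing import Callable, Dict, FrozenSet, Tuple

log = logging.getLogger("authz")

Rule = Tuple[str, str, str]  # (role, endpoint, action)
Request = Dict[str, str]     # {"role": ..., "endpoint": ..., "action": ...}
Response = Tuple[int, str]   # (HTTP status, body)

# Constructed sample allow-list. Any (role, endpoint, action) absent here is refused.
ALLOW_RULES: FrozenSet[Rule] = frozenset({
    ("teller", "/accounts/balance", "GET"),
    ("teller", "/transfers", "POST"),
    ("auditor", "/accounts/balance", "GET"),
    ("auditor", "/ledger", "GET"),
})

def default_deny(next_handler: Callable[[Request], Response],
                 rules: FrozenSet[Rule] = ALLOW_RULES) -> Callable[[Request], Response]:
    """Wrap a handler so a request proceeds only when an explicit allow rule matches."""
    def middleware(request: Request) -> Response:
        key = (request["role"], request["endpoint"], request["action"])
        if key in rules:
            log.info("allow %s", key)                      # permitted traffic is logged too
            return next_handler(request)
        log.warning("deny %s: no explicit rule", key)      # denials are the detection signal
        return (403, "forbidden")
    return middleware

def default_allow(next_handler: Callable[[Request], Response],
                  deny_rules: FrozenSet[Rule]) -> Callable[[Request], Response]:
    """The pitfall variant: proceeds unless someone remembered to write a deny rule."""
    def middleware(request: Request) -> Response:
        key = (request["role"], request["endpoint"], request["action"])
        if key in deny_rules:
            return (403, "forbidden")
        return next_handler(request)                       # every forgotten rule is a hole
    return middleware

def business_handler(request: Request) -> Response:
    return (200, f"handled {request['action']} {request['endpoint']}")

def decide(request: Request) -> Response:
    """Run a request through the default-deny chain."""
    return default_deny(business_handler)(request)

def decide_default_allow(request: Request) -> Response:
    """Run a request through a default-allow chain with one constructed deny rule."""
    return default_allow(business_handler, frozenset({("teller", "/ledger", "GET")}))(request)

if __name__ == "__main__":
    new_endpoint = {"role": "teller", "endpoint": "/admin/rotate-keys", "action": "POST"}
    print(decide(new_endpoint))                # (403, 'forbidden')
    print(decide_default_allow(new_endpoint))  # (200, 'handled POST /admin/rotate-keys')
```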

In TupicFinance

Default-deny middleware fronts the API: unlisted route-permission combinations are refused.