I'm currently working on a homework and missing a technical term / known best practice to describe what I have learned or what I feel that is better. It is about a publish / subscribe architecture, where channels are per default open and unauthenticated, and you have to configure security explicitly (kind of blacklisting instead of whitelisting). Imho it would be more secure to have channels be authenticated / secured per default and open them on configuration, so you can't forget it if you need authentication.
I hope I could explain to you in what direction I'm thinking. I really need a technical term for this, but have no idea currently. Blacklist vs. Whitelist is the closest thing I came up with, but this is not a general pattern, is it? And it is not exactly what I mean..
Anyone may help? :-)