0

I'm currently working on a homework and missing a technical term / known best practice to describe what I have learned or what I feel that is better. It is about a publish / subscribe architecture, where channels are per default open and unauthenticated, and you have to configure security explicitly (kind of blacklisting instead of whitelisting). Imho it would be more secure to have channels be authenticated / secured per default and open them on configuration, so you can't forget it if you need authentication.

I hope I could explain to you in what direction I'm thinking. I really need a technical term for this, but have no idea currently. Blacklist vs. Whitelist is the closest thing I came up with, but this is not a general pattern, is it? And it is not exactly what I mean..

Anyone may help? :-)

Toni
  • 103
  • 1

1 Answers1

0

I think the term secure by default captures what you are looking for:

In a network operating system, this typically means first and foremost that there are no listening INET(6) domain sockets after installation. That is, no open network ports. This can be checked on the local machine with a tool such as netstat, and remotely with a port scanner such as nmap. As a general rule, a secure network, is only as secure as the least secure node in the entire network.

Neil Smithline
  • 14,621
  • 4
  • 38
  • 55
  • 1
    Thank a lot, didn't know there was a best practice called like this, just had a "feeling" for it! – Toni Jan 28 '16 at 15:48