Product: TIBCO Spotfire®
How is data in motion encrypted between Spotfire Server and Analyst client / the iPad client / a web browser, backend nodes, JDBC data source?
Data which is flowing between TIBCO Spotfire Server and multiple other components (i.e., Analyst client / the iPad client / a web browser, backend nodes, JDBC data source) can be protected by the methods outlined in this article.
1). Data flowing between the Spotfire Server and the Spotfire Analyst client, the iPad client, or a web browser may be protected using HTTPS as described in the documentation at the following link:
2). Data flowing between the Spotfire Server and backend nodes (the Node Manager or the Web Player or Automation Services services) is always protected using HTTPS (TLSv1.2 or TLSv1.1 using AES in CBC mode - with SHA or SHA-256, depending on what is supported by the machine running the backend services).
3). Data flowing between a JDBC data source and the Spotfire Server (when using Information Services) can usually be encrypted, but exactly how to do this depends on the database and the database driver. The following online references provide examples on how to configure this for the Oracle driver and a DataDirect driver: