Security Feature Highlights
The following are the highlights of TDV security features:
| • | Passwords sent by JDBC and ODBC to TDV are encrypted. |
| • | Passwords passed between TDV components are encrypted. |
| • | Passwords in HTTP/SOAP headers for administrative functions are encrypted. |
| • | All communication between TDV and Studio can be encrypted using SSL/HTTPS. The default TLS version will default to the highest supported version that is negotiated between TDV and Studio (Examples: Java 8 defaults to TLS v1.2 and Java 11 defaults to TLS v1.3). |
| • | WSS Web service client security is supported. |
| • | TDV to data source SSL is supported with or without Web Service client authentication where permitted. |
| • | Passwords in metadata are encrypted. |
| • | Passwords for LDAP and dynamic domain users are encrypted or not stored. |
| • | Support for case-sensitive user login for external LDAP is supported. |
| • | Options to include or exclude encrypted user passwords, repository passwords, LDAP, and data source passwords in export files. |
| • | DBA password for the repository is not stored. |
| • | Repository password and the repository connection with TDV are encrypted. |
| • | Passwords are not shown in the log files. |
For information on how administrators can delegate administrator rights, add LDAP users to a TDV group, and grant/revoke access privileges on TDV resources, see the TDV Administration Guide.