The security of QlikView Server/Publisher consists of the following parts:
- Certificates: In QlikView Server, if you choose digital authentication, you use certificates for authentication and authorization. A certificate provides trust between servers machines. In addition, dynamic encryption keys are used for sensitive data.
- Protection of the platform: How the platform itself is protected and how it needs to communicate and operate.
- Authentication: Who is the user and how can the user prove it? QlikView uses standard authentication protocols, such as Integrated Windows Authentication (IWA), HTTP headers, and ticketing, to authenticate every user requesting access to data.
- Document level authorization: Is the user allowed to access the document or not? QlikView uses server-side capabilities such as Document Metadata Service (DMS) or Windows NTFS to determine access privileges at file level.
- Data level authorization: Is the user allowed to see all of the data or just parts of it? QlikView implements row and field level data security, using a combination of document-level capabilities (Section Access) and server-side data reduction capabilities (QlikView Publisher).