Bokeh for Confidential Data

I am new to Bokeh. I want to use it for sensitive data. How can I make sure that my data are safe and secure when generating plots? Is using an offline mode enough?

Thank you

Hi @jinanea As currently posed, the question is too vague to give any meaningful answer at all. It’s unclear whether you are concerned about things on the Python side, or the browser/JavaScript side, or both. You haven’t said what kind of environment things will be published in (airgapped? authenticated corp network? public internet?) or whether your audience itself is trusted. What sort of specific threats or adversaries are you trying to protect against? Any answer to this would be entirely down to the very specific details of your exact situation and requirements, about which you have said nothing.

For example:

  • I have an app that processes sensitive data to generate anonymized aggregates, and publishes those aggregated values as plots. I want to make sure the data-handling in the Python code is secure. [This is probably independent of/orthogonal to Bokeh]

is completely different and unrelated to, say:

  • I am worried any viewer being able to open the page source and see the raw JSON data that is sent for an interactive plot. [Maybe you will have to settle for generating static PNGs]

which is different still from:

  • My audience is trusted as long as strong authentication is in place. How can I place Bokeh content behind strong authentication? [Use SSL termination and auth hooks]

And there are plenty of other scenarios that could be imagined. You need to be detailed, precise, and clear in explaining exactly what your needs and concerns are, because there is not only one answer. There’s not even only one question!

And perhaps it’s worth stating the corollary to all this as well: If you can’t elucidate the exact requirements of your scenario, there will be no answer that I or anyone else could give that would be useful, anyway.