Using raw UDP/IP instead of TCP/IP and HTTP between the server and the microcontroller for
polling the sensor or sensors, saves you both resources and implementation effort.
UDP/IP makes most sense for polled sensors, because there is no connection per se, and each message (or datagram) is independent. (The datagram header part contains both the sender and recipient IP addresses and ports, and these are accessible to both the microcontroller and the server-side program running under a fully-features operating system.)
UDP and IP stack implementation is much simpler than TCP/IP on the microcontroller.
Each UDP datagram must have at least one byte of data payload, because some implementations do not handle zero-data datagrams correctly. In general, up to 556 bytes of UDP data (payload) can be supplied in each datagram without having to worry about IP fragmentation.
The downside of UDP/IP compared to TCP/IP is that there is no reliability guarantees, and routers may simply drop UDP datagrams if they're overburdened. This rarely occurs in local area networks, though, and is easily handled by the server side re-sending the request if there is no response within a specified time limit, for example 15 seconds. Again, for polled stateless sensors, UDP/IP just makes more sense.
The idea is that the datagram sent to the microcontroller is a
query, perhaps identifying the types or sensors or units of measurement, and the datagram the microcontroller sends to the sender of the query is the corresponding
response.
The content and the format of the query and response messages is something one should spend effort to design correctly, to allow expansion and for example multiple sensors and sensor types on a single microcontroller.
The above would therefore use UDP/IP for communications between the server and the microcontroller, and I2C or Dallas 1-wire for the communications between the microcontroller and the temperature sensor.
For cryptographic security, external chips like Microchip ATECC608B (cost less than USD $1 even in singles at vendors like Mouser and Digikey) can be used to implement proper encryption with the key (for example, one half of a key pair) stored on the chip.
As to the server software running under a fully-featured OS, it would make more sense for it to poll a configured set of sensors, archiving their readings, and exposing access to the archived (and current) data to a FastCGI/WSGI/etc. application serving HTTP requests under a HTTP(S) server like Apache or Nginx.
A common option is to use an SQL database to store the sensor readings. Then, the sensor server and the HTTP application would use SQL to a database service to access the sensor readings, and the application would use FastCGI/WSGI/etc. to talk to the HTTP(S) server (although this detail is often well implemented in libraries), with the HTTP(S) server configured to handle TLS security and authentication and access controls. Those are the protocols needed. Additional formats and languages are needed by the application to present the data as graphs: HTML for the page itself with CSS for fine-tuning visuals, and Javascript (if the graphs are generated on the client side as recommended since even phones have ample capabilities for this) or SVG (for generating precise vector-graphic scalable graphs on the server side or embedded in the HTML itself). Such applications are easiest to write in Python, PHP, or Ruby.