Mustguseal File Sharing and Security Features
The controlled dissemination of scientific information is crucial for successful research activities in the digital age. Mustguseal platform implements file sharing and security features to provide protected access to your data via the World Wide Web for you and colleagues authorized by you.
Please note that the completed tasks (user input and the results) can be safely stored at the Mustguseal server for a period of one month. We reserve the right to permanently remove tasks (input and the results) which are older than one month. The cleaning usually happens on the first day of each month, e.g., all tasks submitted in January will be removed on the 1st day of March.
The following features are provided by the Mustguseal platform:
- TaskID: easy access and reasonable protection of user data
- Task retraction: delete your data at any time
- HTTPS protocol: encrypt your connection and file transfer
- IP-/password-based authentication
At the time of submission a new task is assigned a unique 16-symbol access code – TaskID. Assignment of a unique TaskID to each task means that loss of connection between the Mustguseal page and the user (e.g., the page was closed in browser or due to connection problems) neither kills the task nor deletes the data. TaskID can be used to access results on the Mustguseal server at any time or can be sent to a colleague to share the results. To access the results by TaskID use a corresponding form at the Mustguseal submission page. The prefix (first two characters of TaskID, e.g. "A-") stands for the major version identifier. The current major version of Mustguseal is "A".
Each character in the TaskID code (except for the prefix) is randomly chosen by the server from 26 lower case letters of the English alphabet and 10 numbers, making it 36 possible characters in total in each position of the 14-long string. The probability to guess a particular TaskID at random out of 6.140942e+21 possible combinations is incredibly low. Therefore, TaskID provides easy access to your results for you and authorized colleagues, while reasonably protecting your data from an unauthorized web-access by a remote user. Please note that anyone in the World Wide Web with a valid TaskID can access the corresponding task data (input data submitted by user as well as the results, produced based on this input data). It is your responsibility to protect the TaskID if the corresponding task possesses any valuable information. If you believe the TaskID has been compromised you should delete the corresponding task as soon as possible (see Task retraction below).
At any time you can retract your submission by pressing the "Cancel"/"Delete" button at the top of the log/results/analysis page. This will stop the task processing (or remove the task from the queue if the processing had not began) and invoke the delete script. The delete script will remove the input data as well as any intermediate data and the results that have been created. After all cleaning operations have been completed the script will execute the find command of the Linux bash shell in the task folder. This command will produce a list of all files currently in the folder. It must indicate that the task folder is empty (except for the delete.html file). The confirmation of a task retraction will be shown in the web-browser automatically (see an example below).
The Mustguseal platform supports both HTTP (port 80) and HTTPS (port 443) protocols. If your connection is not encrypted (i.e., you use the HTTP version) a warning will appear at the Mustguseal submission page in the "Security and sharing" block (see an example above). You can encrypt your connection with the server by switching to the HTTPS protocol - click on the provided link or manually change the 'http://' prefix for 'https://' in the address line of your browser. The identity of the Mustguseal platform is verified by Let's Encrypt Authority X3. When using the HTTPS you can click on the green lock in the address bar of your browser to learn the algorithms implemented to encrypt the connection.
To switch on the IP-based authentication simply set the radio button to "Yes" at the "Allow access to task files by IP-address" field in the "Security and Sharing" block (see the figure above). If the IP-based authentication was switched on and "Submit" button was pressed, all further access to the task files, progress log and the results would be granted only to connections from the IP which was used at the time of submission. Inability to connect to Mustguseal server from this IP will result in permanent disability to view the task results.
To install the password-based authentication switch the radio button to "Yes" at the "Allow access to task files by password" field in the "Security and Sharing" block (see the figure above). A password string of English letters and numbers at least 6 symbols long should be typed and re-typed in the corresponding fields. If the password-based authentication was switched on, a valid password was entered, and the "Submit" button was pressed, all further access to the task files, progress log, and the results would be granted only on entering a correct password which was set at the time of submission. Loss of the password or inability to enter it will result in permanent disability to view the task results.
Please note that IP-/password-based authentication is not required for the task retraction. This means that if IP-/password-based authentication fails - e.g., you forgot the password or can't connect to Mustguseal from the required IP address - you would not be able to view the task data and results but would have the power to delete them by pressing the Cancel/Delete button. This features was implemented so that the task owner always preserves the ability to remove his valuable information from the server.
Please note that the TaskID-protected access as well as the IP-/password-based authentication are features of the web-server/web-platform and therefore apply to the web-access only. File sharing and security features described on this page apply to the Mustguseal platform. The same features are available for the visualCMAT server and have to be set up during a submission to that server. The Zebra and pocketZebra servers are currently implemented using a different software and thus the features discussed on this page do not apply to them. While every effort is made to ensure that the input data submitted by user, the results produced from this input data, and any intermediate data are reasonably protected from any unauthorized web-access, all features described on this page are still provided "as is".