Blog
Articles tagged: security
Mascot security – guest users and administrators
Mascot Security is a role-based access system that allows administrators to control different aspects of privacy and priority access. It integrates with authentication systems like Microsoft Active Directory (AD) and various single sign-on systems. It can also be configured for a core lab, where search results can be shared with collaborators without them having access to the results of other groups. [...]
Mascot cluster installation security on Linux
Mascot Server has a built-in cluster mode, where the database search can be executed in parallel on a networked cluster of PCs. This requires no special hardware or operating software. The cluster can consist of ‘commodity’ PCs running Windows or Linux. Cluster mode is usually the most practical option for licences of 5 CPU or more, as discussed in Mascot [...]
Retiring the File Transfer Protocol (FTP)
Mascot Server includes Database Manager, which can be configured to download protein sequence databases from many sources using FTP (File Transfer Protocol), HTTP (Hyper Text Transfer Protocol) and HTTPS (HTTP Secure). FTP is the oldest of these protocols by far, making its first appearance in 1971. Until some years ago, FTP was the best and only choice for large file [...]
Single sign-on (SSO) and Mascot
Mascot Server has a role-based security system called Mascot Security. Common use cases are restricting access to configuration files or specific sequence databases, or imposing limits on search size or duration for specific users or groups. These were discussed in earlier blog articles Mascot Security: priority settings and Mascot Security: privacy settings. Mascot Security isn’t designed to have super secure [...]
Mascot workflows in Proteome Discoverer
For many users of Thermo instruments, Proteome Discoverer (PD) is their primary user interface for database searching, and Mascot is represented by a node in the workflow. This article collects together a few tips and observations concerning Proteome Discoverer 2.3 and Mascot Server 2.6. Proteome Discoverer Configuration Under Administration; Mascot Server, the setting Max. MGF File Size [MB] has a [...]
Stepping up security
In late 2016, NCBI dropped support for HTTP requests and restricted their web resources to HTTPS. EBI went HTTPS by default in October 2017 and UniProt has announced that it will go HTTPS-only in June 2018. The UniProt change will cause a problem with Database Manager in older versions of Mascot. This article summarises the effects of turning off HTTP, [...]
Mascot Security: priority settings
An earlier article looked at privacy settings in Mascot security. This article looks at priority settings; the settings that allow one user group to run bigger or longer or more complex searches than another. Many aspects of searches can be limited by user group. The important ones are: SEARCH: Allow msms no enzyme searches SEARCH: Maximum number of concurrent searches [...]
Mascot Security: privacy settings
It is perfectly possible to share a single Mascot Server between individuals or groups who require privacy for their searches. Mascot Security provides the mechanism to limit access to result reports, databases, and even custom modifications. Mascot security is not designed to be highly secure – a determined hacker could probably find ways around it without too much difficulty – [...]
Improved security for Mascot Installations under Linux
In the manual, we recommend (because it is easiest) that ms-monitor.exe is run as root. However, a more secure arrangement is to run ms-monitor.exe as a less privileged user. By default, Apache cgi processes run as www-data:www-data, and for most distros, this is set in the envvars file: export APACHE_RUN_USER=www-data export APACHE_RUN_GROUP=www-data This can however, be overriden in the /etc/apache2/apache2.conf [...]
Using Mascot security to share search results
How can you share Mascot result reports with external colleagues or customers? There is a help page that describes some off-line solutions, but it doesn’t cover the most flexible solution, which is to use Mascot security to provide external users with limited access to your Mascot Server. In a typical configuration, these users would be able to view their own [...]