Team:Heidelberg/Safety/SoftwareForm
From 2013.igem.org
JuliaS1992 (Talk | contribs) m |
JuliaS1992 (Talk | contribs) (Answers for software safety form, as submitted via mail) |
||
Line 2: | Line 2: | ||
==Repository - Question 1== | ==Repository - Question 1== | ||
+ | |||
+ | ===Question 1=== | ||
+ | ''Are you using the iGEM Software repository at github.com/igemsoftware? If you have instead stored your code elsewhere, please explain where and why you have put it there. If your code is not in the iGEM repository, are you using any version control system such as Git, CVS, or SVN?''<br/> | ||
+ | We are planning to use the iGEM Software repository and contacted iGEM headquarters about the requirements we have to fulfill. We are currently using a private github repository for our tools until we can upload it to the iGEM repository. | ||
+ | |||
==User Data and Security - Questions 2-3== | ==User Data and Security - Questions 2-3== | ||
+ | |||
+ | ===Question 2=== | ||
+ | ''User Data''<br/> | ||
+ | '''a)''' ''Does your software store any private data supplied by the user? (For example: the user's name and email address, passwords, DNA sequences,circuit designs, etc.) If yes, please describe what kind of data is stored. If no, skip the rest of this question and move on to question 3.''<br/> | ||
+ | One of our tools contains a whole user authentification system provided by the Django framework used by us. We plan to use this for storing session data (NRPS sequences) and to classify database entries made by different user groups. Apart from modifying the database entries any user can fully use both tools without providing any private data. If the user wishes to authenticate, the user's email address, password and optional session data will be saved.<br/> | ||
+ | |||
+ | '''b)''' ''What is the URL or IP address where the user's private data is stored? Where is the physical computer or hard drive that contains the user's private data?''<br/> | ||
+ | The user's data is currently stored on a server located in the Bioquant building in Heidelberg and the URL is igem2013.bioquant.uni-heidelberg.de.<br/> | ||
+ | |||
+ | '''c)''' ''Please describe any encryption, password protection, etc. that you use to protect the user's data. (It is not mandatory to have such protections, but if you do, describe them.)"<br/> | ||
+ | The Django framework never saves clear text passwords. It's using oneway encrypting algorithms (the default is PBKDF2), random alterations and hashing. There are also third party packages to check for password strength and for throttling of login attempts. The storage server is also password protected. | ||
+ | |||
+ | ===Question 3=== | ||
+ | ''Does your software include any other security features? Please describe them here.''<br/> | ||
+ | Since all the data provided is checked automatically / manually and the user authentification system is very secure no other precautions are needed. | ||
+ | |||
==Design and Databases - Questions 4-7== | ==Design and Databases - Questions 4-7== | ||
+ | |||
+ | ===Question 4=== | ||
+ | ''Does your software let the user create a design by choosing parts/genes from a list/database, such as the Registry? If so, which lists/databases are included? Is there any restriction on which parts/genes the user can choose?''<br/> | ||
+ | One tool utilises a newly generated sequence database, which also includes parts from the Registry. The user is provided with a sequence suggestion depending on the desired product. If the suggestion contains standard parts all data available in the Registry is included. | ||
+ | |||
+ | ===Question 5=== | ||
+ | ''Does your software allow users to write new data into any public lists or databases? If so, do you check the new data for errors before allowing it to be written?''<br/> | ||
+ | The user can only make new entries to our database. Restrictions are made depending on the user group and entries are checked automatically for logical mistakes. Entries are furthermore checked manually and classified depending on the author / quality. | ||
+ | |||
+ | ===Question 6=== | ||
+ | ''Does your software include any other features that encourage the user to create safe designs? Please describe them here.''<br/> | ||
+ | All origins, organisms and substances are annotated properly, also including possible safety issues (e.g. S2 donor organisms for the gene modules suggested). The user is provided with this information and can manually adjust the design of the software output. Furthermore, we currently think of a way to detect possibly hazardous peptides the user submits as software input (e.g. antibiotics) based on minimal structure matching. | ||
+ | |||
+ | ===Question 7=== | ||
+ | ''Is your team also doing biological work in a wet lab?''<br/> | ||
+ | Yes | ||
{{:Team:Heidelberg/Templates/EndPage}} | {{:Team:Heidelberg/Templates/EndPage}} |
Latest revision as of 16:50, 30 August 2013
Repository - Question 1
Question 1
Are you using the iGEM Software repository at github.com/igemsoftware? If you have instead stored your code elsewhere, please explain where and why you have put it there. If your code is not in the iGEM repository, are you using any version control system such as Git, CVS, or SVN?
We are planning to use the iGEM Software repository and contacted iGEM headquarters about the requirements we have to fulfill. We are currently using a private github repository for our tools until we can upload it to the iGEM repository.
User Data and Security - Questions 2-3
Question 2
User Data
a) Does your software store any private data supplied by the user? (For example: the user's name and email address, passwords, DNA sequences,circuit designs, etc.) If yes, please describe what kind of data is stored. If no, skip the rest of this question and move on to question 3.
One of our tools contains a whole user authentification system provided by the Django framework used by us. We plan to use this for storing session data (NRPS sequences) and to classify database entries made by different user groups. Apart from modifying the database entries any user can fully use both tools without providing any private data. If the user wishes to authenticate, the user's email address, password and optional session data will be saved.
b) What is the URL or IP address where the user's private data is stored? Where is the physical computer or hard drive that contains the user's private data?
The user's data is currently stored on a server located in the Bioquant building in Heidelberg and the URL is igem2013.bioquant.uni-heidelberg.de.
c) Please describe any encryption, password protection, etc. that you use to protect the user's data. (It is not mandatory to have such protections, but if you do, describe them.)"
The Django framework never saves clear text passwords. It's using oneway encrypting algorithms (the default is PBKDF2), random alterations and hashing. There are also third party packages to check for password strength and for throttling of login attempts. The storage server is also password protected.
Question 3
Does your software include any other security features? Please describe them here.
Since all the data provided is checked automatically / manually and the user authentification system is very secure no other precautions are needed.
Design and Databases - Questions 4-7
Question 4
Does your software let the user create a design by choosing parts/genes from a list/database, such as the Registry? If so, which lists/databases are included? Is there any restriction on which parts/genes the user can choose?
One tool utilises a newly generated sequence database, which also includes parts from the Registry. The user is provided with a sequence suggestion depending on the desired product. If the suggestion contains standard parts all data available in the Registry is included.
Question 5
Does your software allow users to write new data into any public lists or databases? If so, do you check the new data for errors before allowing it to be written?
The user can only make new entries to our database. Restrictions are made depending on the user group and entries are checked automatically for logical mistakes. Entries are furthermore checked manually and classified depending on the author / quality.
Question 6
Does your software include any other features that encourage the user to create safe designs? Please describe them here.
All origins, organisms and substances are annotated properly, also including possible safety issues (e.g. S2 donor organisms for the gene modules suggested). The user is provided with this information and can manually adjust the design of the software output. Furthermore, we currently think of a way to detect possibly hazardous peptides the user submits as software input (e.g. antibiotics) based on minimal structure matching.
Question 7
Is your team also doing biological work in a wet lab?
Yes