Monarc
/
MonarcAppFO
mirror of https://github.com/monarc-project/MonarcAppFO
1
0
Fork 0
Code Issues Releases Wiki Activity

Various improvements for the README.

pull/13/head
Cédric Bonhomme 2017-06-21 22:39:25 +02:00
parent 0189dcc422
commit 7d4db2a2c6
No known key found for this signature in database
GPG Key ID: A1CB94DE57B7A70D
1 changed files with 53 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
README.md
View File

@ -5,15 +5,29 @@ Skeleton Monarc Project
Introduction
------------
CASES promotes information security through the use of behavioral, organizational and technical measures. Depending on its size and its security needs, organizations must react in the most appropriate manner.
Adopting good practices, taking the necessary measures and adjusting them proportionally: all this is part of the process to ensure information security. Most of all, it depends on performing a risk analysis on a regular basis.
CASES promotes information security through the use of behavioral,
organizational and technical measures. Depending on its size and its security
needs, organizations must react in the most appropriate manner.
Adopting good practices, taking the necessary measures and adjusting them
proportionally: all this is part of the process to ensure information security.
Most of all, it depends on performing a risk analysis on a regular basis.
Although the profitability of the risk analysis approach is guaranteed, the investment represented by this approach in terms of the required cost and expertise is a barrier for many companies, especially SMEs.
Although the profitability of the risk analysis approach is guaranteed, the
investment represented by this approach in terms of the required cost and
expertise is a barrier for many companies, especially SMEs.
To remedy this situation and allow all organizations, both large and small, to benefit from the advantages that a risk analysis offers, CASES has developed an optimised risk analysis method: MONARC (Method for an Optimised aNAlysis of Risks by CASES), allowing precise and repeatable risk management.
To remedy this situation and allow all organizations, both large and small, to
benefit from the advantages that a risk analysis offers, CASES has developed an
optimised risk analysis method: MONARC (Method for an Optimised aNAlysis of
Risks by CASES), allowing precise and repeatable risk management.
The advantage of MONARC lies in the capitalization of risk analyses already performed in similar business contexts: the same vulnerabilities
regularly appear in many businesses, as they face the same threats and generate similar risks. Most companies have servers, printers, a fleet of smartphones, Wi-Fi antennas, etc. therefore the vulnerabilities and threats are the same. It is therefore sufficient to generalize risk scenarios for these assets (also called objects) by context and/or business.
The advantage of MONARC lies in the capitalization of risk analyses already
performed in similar business contexts: the same vulnerabilities
regularly appear in many businesses, as they face the same threats and generate
similar risks. Most companies have servers, printers, a fleet of smartphones,
Wi-Fi antennas, etc. therefore the vulnerabilities and threats are the same.
It is therefore sufficient to generalize risk scenarios for these assets (also
called objects) by context and/or business.
More information: [Optimised risk analysis Method] (https://www.cases.lu/index-quick.php?dims_op=doc_file_download&docfile_md5id=56ee6ff569a40a5b52bed0e526a6a77f) (pdf)
@ -22,18 +36,21 @@ Installation
PHP & MySQL
-----------
Install PHP (version 7.0 recommended) with extensions : xml, mbstring, mysql, zip, unzip, mcrypt, intl, gettext, imagick (extension php)
In php.ini, set upload_max_filesize to 200Mo
Install PHP (version 7.0 recommended) with extensions : xml, mbstring, mysql,
zip, unzip, mcrypt, intl, gettext, imagick (extension php)
In php.ini, set *upload_max_filesize* to 200Mo
Install Apache (or Nginx) and enable mods : rewrite, ssl (a2enmod)
Install MySQL (version 5.7 recommended) or MariaDb equivalent
Install MySQL (version 5.7 recommended) or MariaDb.
Using Composer (recommended)
----------------------------
Alternately, clone the repository and manually invoke `composer` using the shipped
`composer.phar`:
Alternately, clone the repository and invoke `composer` using the
shipped `composer.phar`:
cd my/project/dir
git clone https://github.com/CASES-LU/MonarcAppFO.git ./monarc
@ -48,6 +65,7 @@ available.)
![Arbo](public/img/arbo1.png "Arbo")
Databases
---------
Create 2 databases:
@ -55,43 +73,43 @@ Create 2 databases:
CREATE DATABASE monarc_cli DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
Change Sql Mode in my.cnf:
Change SQL Mode in my.cnf:
[mysqld]
sql-mode = MYSQL40
There are 2 databases:
* monarc_common contains models and data created by CASES.
* monarc_cli contains all client risk analyses. Each analysis is based on CASES model of monarc_common
* monarc_common contains models and data created by CASES;
* monarc_cli contains all client risk analyses. Each analysis is based on CASES
model of monarc_common.
Symbolic links
---------------
API
---
The project is split into 2 parts :
* an Api in charge of retrieving data
* an interface which displays data
The project is composed of 2 parts:
* an API in charge of retrieving data;
* an interface which displays data.
The Api is not direct modules of the project but libraries.
You must create modules with symbolic links to libraries
Create 2 symbolic links in root project directory:
The API is not directly modules of the project but libraries.
You must create modules with symbolic links to libraries.
Create 2 symbolic links in the root of project directory:
mkdir module
cd module
ln -s ./../vendor/monarc/core MonarcCore;
ln -s ./../vendor/monarc/frontoffice MonarcFO;
cd module/
ln -s ./../vendor/monarc/core MonarcCore
ln -s ./../vendor/monarc/frontoffice MonarcFO
There are 2 parts:
* one only for front office;
* one common for front office and back office (private project).
It is developed with Zend framework 2
It is developed with Zend framework 2.
![Arbo](public/img/arbo2.png "Arbo")
Interfaces
----------
Repository for Angular at project root:
Repository for Angular at the root of the project:
mkdir node_modules
cd node_modules
@ -99,19 +117,21 @@ Repository for Angular at project root:
git clone https://github.com/CASES-LU/ng-anr.git ng_anr
There are 2 parts:
* one only for front office: ng_client
* one common for front office and back office: ng_anr
* one only for front office: ng_client;
* one common for front office and back office: ng_anr.
It is developed with Angular framework version 1
![Arbo](public/img/arbo3.png "Arbo")
Web Server Setup
----------------
### PHP CLI Server
The simplest way to get started if you are using PHP 5.4 or above is to start the internal PHP cli-server in the root directory:
The simplest way to get started if you are using PHP 5.4 or above is to start
the internal PHP cli-server in the root directory:
php -S 0.0.0.0:8080 -t public/ public/index.php
@ -176,7 +196,8 @@ Create configuration file
Update connection information to local.php and global.php
Configuration files are stored in cache.
If your changes have not been considered, empty cache by deleting file in /data/cache
If your changes have not been considered, empty cache by deleting file in
/data/cache
Install Grunt
-------------