diff --git a/README.md b/README.md index da2ba46..643bf2e 100644 --- a/README.md +++ b/README.md @@ -5,15 +5,29 @@ Skeleton Monarc Project Introduction ------------ -CASES promotes information security through the use of behavioral, organizational and technical measures. Depending on its size and its security needs, organizations must react in the most appropriate manner. -Adopting good practices, taking the necessary measures and adjusting them proportionally: all this is part of the process to ensure information security. Most of all, it depends on performing a risk analysis on a regular basis. +CASES promotes information security through the use of behavioral, +organizational and technical measures. Depending on its size and its security +needs, organizations must react in the most appropriate manner. +Adopting good practices, taking the necessary measures and adjusting them +proportionally: all this is part of the process to ensure information security. +Most of all, it depends on performing a risk analysis on a regular basis. -Although the profitability of the risk analysis approach is guaranteed, the investment represented by this approach in terms of the required cost and expertise is a barrier for many companies, especially SMEs. +Although the profitability of the risk analysis approach is guaranteed, the +investment represented by this approach in terms of the required cost and +expertise is a barrier for many companies, especially SMEs. -To remedy this situation and allow all organizations, both large and small, to benefit from the advantages that a risk analysis offers, CASES has developed an optimised risk analysis method: MONARC (Method for an Optimised aNAlysis of Risks by CASES), allowing precise and repeatable risk management. +To remedy this situation and allow all organizations, both large and small, to +benefit from the advantages that a risk analysis offers, CASES has developed an +optimised risk analysis method: MONARC (Method for an Optimised aNAlysis of + Risks by CASES), allowing precise and repeatable risk management. -The advantage of MONARC lies in the capitalization of risk analyses already performed in similar business contexts: the same vulnerabilities -regularly appear in many businesses, as they face the same threats and generate similar risks. Most companies have servers, printers, a fleet of smartphones, Wi-Fi antennas, etc. therefore the vulnerabilities and threats are the same. It is therefore sufficient to generalize risk scenarios for these assets (also called objects) by context and/or business. +The advantage of MONARC lies in the capitalization of risk analyses already +performed in similar business contexts: the same vulnerabilities +regularly appear in many businesses, as they face the same threats and generate +similar risks. Most companies have servers, printers, a fleet of smartphones, +Wi-Fi antennas, etc. therefore the vulnerabilities and threats are the same. +It is therefore sufficient to generalize risk scenarios for these assets (also +called objects) by context and/or business. More information: [Optimised risk analysis Method] (https://www.cases.lu/index-quick.php?dims_op=doc_file_download&docfile_md5id=56ee6ff569a40a5b52bed0e526a6a77f) (pdf) @@ -22,18 +36,21 @@ Installation PHP & MySQL ----------- -Install PHP (version 7.0 recommended) with extensions : xml, mbstring, mysql, zip, unzip, mcrypt, intl, gettext, imagick (extension php) -In php.ini, set upload_max_filesize to 200Mo +Install PHP (version 7.0 recommended) with extensions : xml, mbstring, mysql, +zip, unzip, mcrypt, intl, gettext, imagick (extension php) + +In php.ini, set *upload_max_filesize* to 200Mo + Install Apache (or Nginx) and enable mods : rewrite, ssl (a2enmod) -Install MySQL (version 5.7 recommended) or MariaDb equivalent +Install MySQL (version 5.7 recommended) or MariaDb. Using Composer (recommended) ---------------------------- -Alternately, clone the repository and manually invoke `composer` using the shipped -`composer.phar`: +Alternately, clone the repository and invoke `composer` using the +shipped `composer.phar`: cd my/project/dir git clone https://github.com/CASES-LU/MonarcAppFO.git ./monarc @@ -48,6 +65,7 @@ available.) ![Arbo](public/img/arbo1.png "Arbo") + Databases --------- Create 2 databases: @@ -55,43 +73,43 @@ Create 2 databases: CREATE DATABASE monarc_cli DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; -Change Sql Mode in my.cnf: +Change SQL Mode in my.cnf: [mysqld] sql-mode = MYSQL40 There are 2 databases: -* monarc_common contains models and data created by CASES. -* monarc_cli contains all client risk analyses. Each analysis is based on CASES model of monarc_common +* monarc_common contains models and data created by CASES; +* monarc_cli contains all client risk analyses. Each analysis is based on CASES + model of monarc_common. -Symbolic links ---------------- +API +--- -The project is split into 2 parts : -* an Api in charge of retrieving data -* an interface which displays data +The project is composed of 2 parts: +* an API in charge of retrieving data; +* an interface which displays data. -The Api is not direct modules of the project but libraries. -You must create modules with symbolic links to libraries - -Create 2 symbolic links in root project directory: +The API is not directly modules of the project but libraries. +You must create modules with symbolic links to libraries. +Create 2 symbolic links in the root of project directory: mkdir module - cd module - ln -s ./../vendor/monarc/core MonarcCore; - ln -s ./../vendor/monarc/frontoffice MonarcFO; + cd module/ + ln -s ./../vendor/monarc/core MonarcCore + ln -s ./../vendor/monarc/frontoffice MonarcFO There are 2 parts: * one only for front office; * one common for front office and back office (private project). -It is developed with Zend framework 2 +It is developed with Zend framework 2. ![Arbo](public/img/arbo2.png "Arbo") Interfaces ---------- -Repository for Angular at project root: +Repository for Angular at the root of the project: mkdir node_modules cd node_modules @@ -99,19 +117,21 @@ Repository for Angular at project root: git clone https://github.com/CASES-LU/ng-anr.git ng_anr There are 2 parts: -* one only for front office: ng_client -* one common for front office and back office: ng_anr +* one only for front office: ng_client; +* one common for front office and back office: ng_anr. It is developed with Angular framework version 1 ![Arbo](public/img/arbo3.png "Arbo") + Web Server Setup ---------------- ### PHP CLI Server -The simplest way to get started if you are using PHP 5.4 or above is to start the internal PHP cli-server in the root directory: +The simplest way to get started if you are using PHP 5.4 or above is to start +the internal PHP cli-server in the root directory: php -S 0.0.0.0:8080 -t public/ public/index.php @@ -176,7 +196,8 @@ Create configuration file Update connection information to local.php and global.php Configuration files are stored in cache. -If your changes have not been considered, empty cache by deleting file in /data/cache +If your changes have not been considered, empty cache by deleting file in +/data/cache Install Grunt -------------