|
|
|
# Quantitative Security Assessment (QSA)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In this page, the steps that need to be followed for installing and setting up the back-end
|
|
|
|
of the **Quantitative Security Assessment (QSA)** mechanism on your local machine are provided, as well as information on how to use the QSA service.
|
|
|
|
|
|
|
|
Initially, information is provided on how to deploy a Docker Container, using the latest Docker Image that is available on [DockerHub](https://hub.docker.com/repository/docker/siavvasm/vm4sec-security-assessment).
|
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
|
|
### Prerequisite
|
|
|
|
|
|
|
|
The only prerequisite for the installation of the QSA mechanism is to have the latest version of [Docker](https://www.docker.com/) installed and running on your local machine.
|
|
|
|
|
|
|
|
### Installation directly from DockerHub
|
|
|
|
|
|
|
|
The QSA mechanism is available for download on [DockerHub](https://hub.docker.com/r/siavvasm/sdk4ed-dependability-toolbox/tags). In order to install it locally, you need to execute the following command on your terminal (assuming that Docker Engine is already installed on your system):
|
|
|
|
|
|
|
|
~~~
|
|
|
|
docker run -p 8080:8080 --name vm4sec-qsa -it siavvasm/vm4sec-security-assessment:latest bash ./catalina.sh run
|
|
|
|
~~~
|
|
|
|
|
|
|
|
The above command will download the Docker Image of the latest version of the QSA mechanism locally and will generate a Docker Container named vm4sec-qsa. It will also start the Tomcat Server that hosts the services. Hence, after the execution of this command the QSA will be up and running and the services will be invokable at port 8080 of your local machine. More specifically, the services will reside at the following end point:
|
|
|
|
|
|
|
|
~~~
|
|
|
|
<your_local_host_ip>:8080/DependabilityToolbox
|
|
|
|
~~~
|
|
|
|
|
|
|
|
In the above endpoint, you should replace the <your_local_host_ip> placeholder with the IP of your local machine on which the QSA docker container is running.
|
|
|
|
|
|
|
|
In case that you don't want to see the log files of the Tomcat Server that hosts the services of the Dependability Toolbox, you should replace the "./catakina.sh run" parameter of the above command with "./startup.sh". For your convenience, the full command that should be executed is presented below:
|
|
|
|
|
|
|
|
~~~
|
|
|
|
docker run -p 8080:8080 --name vm4sec-qsa -it siavvasm/vm4sec-security-assessment:latest bash ./startup.sh
|
|
|
|
~~~
|
|
|
|
|
|
|
|
Attention: You can use a different port than the 8080 on your local machine, as long as the correct mapping is done in the _docker run_ command. For instance, if you wish the docker container to listen to the 8089 port, you should define "-p 8089:8080" in the aforementioned commands. It should be noted, that in that case, if you are willing to use also the Dashboard, this change should be applied to the Docker File of the dashboard in order to declare where the services reside. For more information please check the [Dashboard Wiki Page]().
|
|
|
|
|
|
|
|
## Usage of the QSA mechanism |
|
|
\ No newline at end of file |
