hoo2/InformationSystemsSecurity
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Readme rework

Browse Source
This commit is contained in:
Christos Choutouridis 2026-01-12 13:07:40 +02:00
parent 5e7755d946
commit 59692b7c05
2 changed files with 101 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
Readme.md
View File

@ -10,75 +10,30 @@ The purpose of this work was to identify, analyze, and mitigate these vulnerabil
The application is implemented in PHP and uses a MySQL database for data storage.
The deployment is fully containerized using Docker and Docker Compose, ensuring reproducibility and ease of execution across different operating systems.
---
## Architecture Overview
The application is deployed as a multi-container system.
Each component has a clearly defined role and responsibility.
All services are isolated and communicate only through Docker-managed networks.
---
## Components
### Web Application (PHP)
The web service hosts the PHP-based password manager application.
It is responsible for:
- User authentication and session handling
- Secure storage and retrieval of credentials
- Input validation and output sanitization
- Interaction with the database through restricted credentials
The PHP application runs inside its own container and does not expose any ports directly to the host system.
---
### Database (MySQL)
The database service provides persistent storage for:
- User accounts
- Stored credentials
- Application data
Security improvements include:
- Use of a dedicated database user with limited privileges
- Separation of database credentials via environment variables
- Isolation of the database service from direct external access
---
### Reverse Proxy and HTTPS (Caddy)
Caddy is used as a reverse proxy in front of the web application.
It provides:
- Automatic HTTP to HTTPS redirection
- Internal TLS certificate generation
- Secure termination of HTTPS connections
- Optional security-related HTTP headers
All external access to the application is handled exclusively by Caddy.
---
Components:
- Web Application (PHP)
- Database (MySQL)
- Reverse Proxy and HTTPS (Caddy)
## Deployment Instructions
The deployment process is identical for Linux and Windows.
The only requirement is a working Docker installation.
---
## Prerequisites
### Prerequisites
- Docker
- Docker Compose (included in modern Docker installations)
No additional software such as Apache, PHP, or MySQL is required on the host system.
---
## Deployment on Linux
### Deployment on Linux
1. Open a terminal.
2. Navigate to the project directory containing `docker-compose.yml`.
@ -89,7 +44,7 @@ No additional software such as Apache, PHP, or MySQL is required on the host sys
4. Wait until all containers are built and started.
5. Access the application through your browser using: https://localhost
## Deployment on Windows
### Deployment on Windows
1. Install Docker Desktop for Windows.
2. Ensure that WSL2 is enabled (Docker Desktop will guide you automatically).
@ -101,7 +56,7 @@ No additional software such as Apache, PHP, or MySQL is required on the host sys
```
6. Once the containers are running, open a browser and navigate to: https://localhost
## Notes on Reproducibility
### Notes on Reproducibility
The use of Docker ensures that:
- The application behaves identically on all supported operating systems

93
passman-dev/Readme.md Normal file
View File

@ -0,0 +1,93 @@
# Password Manager Security Application
## Architecture Overview
The application is deployed as a multi-container system.
Each component has a clearly defined role and responsibility.
All services are isolated and communicate only through Docker-managed networks.
## Components
### Web Application (PHP)
The web service hosts the PHP-based password manager application.
It is responsible for:
- User authentication and session handling
- Secure storage and retrieval of credentials
- Input validation and output sanitization
- Interaction with the database through restricted credentials
The PHP application runs inside its own container and does not expose any ports directly to the host system.
### Database (MySQL)
The database service provides persistent storage for:
- User accounts
- Stored credentials
- Application data
Security improvements include:
- Use of a dedicated database user with limited privileges
- Separation of database credentials via environment variables
- Isolation of the database service from direct external access
### Reverse Proxy and HTTPS (Caddy)
Caddy is used as a reverse proxy in front of the web application.
It provides:
- Automatic HTTP to HTTPS redirection
- Internal TLS certificate generation
- Secure termination of HTTPS connections
- Optional security-related HTTP headers
All external access to the application is handled exclusively by Caddy.
## Deployment Instructions
The deployment process is identical for Linux and Windows.
The only requirement is a working Docker installation.
### Prerequisites
- Docker
- Docker Compose (included in modern Docker installations)
No additional software such as Apache, PHP, or MySQL is required on the host system.
### Deployment on Linux
1. Open a terminal.
2. Navigate to the project directory containing `docker-compose.yml`.
3. Run the following command:
```bash
docker compose up -d --build
```
4. Wait until all containers are built and started.
5. Access the application through your browser using: https://localhost
### Deployment on Windows
1. Install Docker Desktop for Windows.
2. Ensure that WSL2 is enabled (Docker Desktop will guide you automatically).
3. Open PowerShell or Command Prompt.
4. Navigate to the project directory containing docker-compose.yml.
5. Run the following command:
```bash
docker compose up -d --build
```
6. Once the containers are running, open a browser and navigate to: https://localhost
### Notes on Reproducibility
The use of Docker ensures that:
- The application behaves identically on all supported operating systems
- No manual configuration of web servers or databases is required
- Environment-specific issues are minimized
This approach allows evaluators to focus on the security aspects of the application rather than deployment complexity.