An Approach to Secure Legacy Software Systems

Stefanie Jasser, Jonas Kelbert

Abstract

When analyzing legacy software for security, huge result lists may be generated. These lists may contain more than 1,000,000 potential vulnerabilities. In this paper, we propose an approach to secure such legacy systems: we define a process to systematically assess and process potential vulnerabilities using contextual system knowledge. The process is complemented with tool-supported technical measures to actually mitigate the vulnerabilities and code injection. The approach allows vulnerabilities in legacy systems to be repaired efficiently while ensuring system availability for critical systems using a safe go-live technique. We evaluate our approach in an industrial case study to show the applicability and flexibility of our code security cleansing approach.


Paper Citation


in Harvard Style

Jasser S. and Kelbert J. (2020). An Approach to Secure Legacy Software Systems. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 299-309. DOI: 10.5220/0008902802990309


in Bibtex Style

@conference{icissp20,
author={Stefanie Jasser and Jonas Kelbert},
title={An Approach to Secure Legacy Software Systems},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={299-309},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008902802990309},
isbn={978-989-758-399-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - An Approach to Secure Legacy Software Systems
SN - 978-989-758-399-5
AU - Jasser S.
AU - Kelbert J.
PY - 2020
SP - 299
EP - 309
DO - 10.5220/0008902802990309