loading
Papers Papers/2020

Research.Publish.Connect.

Paper

Authors: Stefanie Jasser 1 and Jonas Kelbert 2

Affiliations: 1 Department of Informatics, University of Hamburg, Hamburg, Germany, akquinet AG, Hamburg, Germany ; 2 akquinet AG, Hamburg, Germany

Keyword(s): Software Security, Code Cleansing, Security Refactoring, Vulnerability Mitigation, Flaw Prioritization.

Abstract: When analyzing legacy software for security huge result lists may be generated. These lists may contain more than 1,000,000 potential vulnerabilities. In this paper, we propose an approach to secure such legacy systems: we define a process to systematically assess and process potential vulnerabilities using contextual system knowledge. The process is complemented with tool-supported technical measures to actually mitigate the vulnerabilities and code injection. The approach allows to efficiently repair vulnerabilities in legacy systems while ensuring system availability for critical systems using a safe go-live technique. We evaluate our approach by an industrial case study to show the applicability and flexibility of our code security cleansing approach.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.236.51.151

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Jasser, S. and Kelbert, J. (2020). An Approach to Secure Legacy Software Systems. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP, ISBN 978-989-758-399-5; ISSN 2184-4356, pages 299-309. DOI: 10.5220/0008902802990309

@conference{icissp20,
author={Stefanie Jasser. and Jonas Kelbert.},
title={An Approach to Secure Legacy Software Systems},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP,},
year={2020},
pages={299-309},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008902802990309},
isbn={978-989-758-399-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP,
TI - An Approach to Secure Legacy Software Systems
SN - 978-989-758-399-5
IS - 2184-4356
AU - Jasser, S.
AU - Kelbert, J.
PY - 2020
SP - 299
EP - 309
DO - 10.5220/0008902802990309

0123movie.net