An Approach to Secure Legacy Software Systems
Stefanie Jasser, Jonas Kelbert
2020
Abstract
When analyzing legacy software for security, huge result lists may be generated. These lists may contain more than 1,000,000 potential vulnerabilities. In this paper, we propose an approach to secure such legacy systems: we define a process to systematically assess and process potential vulnerabilities using contextual system knowledge. The process is complemented with tool-supported technical measures to actually mitigate the vulnerabilities and code injection. The approach allows vulnerabilities in legacy systems to be repaired efficiently while ensuring system availability for critical systems using a safe go-live technique. We evaluate our approach in an industrial case study to show the applicability and flexibility of our code security cleansing approach.
Paper Citation
in Harvard Style
Jasser S. and Kelbert J. (2020). An Approach to Secure Legacy Software Systems. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 299-309. DOI: 10.5220/0008902802990309
in Bibtex Style
@conference{icissp20,
author={Stefanie Jasser and Jonas Kelbert},
title={An Approach to Secure Legacy Software Systems},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={299-309},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008902802990309},
isbn={978-989-758-399-5},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - An Approach to Secure Legacy Software Systems
SN - 978-989-758-399-5
AU - Jasser S.
AU - Kelbert J.
PY - 2020
SP - 299
EP - 309
DO - 10.5220/0008902802990309