Secure Migration of Legacy Applications to the Web

  • Zisis Karampaglis
  • Anakreon Mentis
  • Fotios Rafailidis
  • Paschalis Tsolakidis
  • Apostolos Ampatzoglou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7991)

Abstract

In software engineering, migration of an application is the process of moving the software from one execution platform to another. Nowadays, many desktop applications tend to migrate to the web or to the cloud. Desktop applications are not prepared to face the hostile environment of the web where applications frequently receive harmful data that attempt to exploit program vulnerabilities such as buffer overflows. We propose a migration process for desktop applications with a text-based user interface, which mitigates existing security concerns and enables the software to perform safely in the web without modifying its of the source code. Additionally, we describe an open source tool that facilitates our migration process.

Keywords

Software migration Web application User interface Legacy application 

Notes

Acknowledgement

This work was performed in the framework of the TRACER(09SYN-72–942) project, which is funded by the Cooperation Programme of the Hellenic Secretariat for Research & Technology.

References

  1. 1.
    Al Belushi, W., Baghdadi, Y.: An approach to wrap legacy applications into web services. In: 2007 International Conference Service Systems and Service Management, pp. 1–6 (2007)Google Scholar
  2. 2.
    Abi-Antoun, M., Coelho, W.: A case study in incremental architecture-based re-engineering of a legacy application. In: 5th Working IEEE/IFIP Conference on Software Architecture, 2005, WICSA 2005, p.p. 159–168 (2005)Google Scholar
  3. 3.
    Chatzieleftheriou, G., Katsaros, P.: Test driving static analysis tools in search of C code vulnerabilities. In: Proceedings of the 35th IEEE Computer Software and Applications Conference Workshops (COMPSACW), Munich, Germany, pp. 96–103. IEEE Computer Society (2011)Google Scholar
  4. 4.
    Distante, D., Perrone, V., Bochicchio, M.A.: Migrating to the Web legacy application: the Sinfor project. In: Proceedings of the Fourth International Workshop on Web Site Evolution, 2002, pp. 85–88 (2002)Google Scholar
  5. 5.
    Distante, D., Tilley, S., Canfora, G.: Towards a holistic approach to redesigning legacy applications for the Web with UWAT+. In: Proceedings of the 10th European Conference on Software Maintenance and Reengineering, 2006, CSMR 2006, pp. 5–10 (2006)Google Scholar
  6. 6.
    Lu, F., Huang, H., Xu, Z., Yu, H.: A middleware for legacy application wrapper. In: First International Conference on Semantics, Knowledge and Grid, 2005, SKG ’05, pp. 47 (2005)Google Scholar
  7. 7.
    Besacier, G., Vernier, F.: Toward user interface virtualization: legacy applications and innovative interaction systems. In: EICS ’09: Proceedings of the 1st ACM SIGCHI Symposium on Engineering Interactive Computing Systems, pp. 57–166. New York (2009)Google Scholar
  8. 8.
    Kacsuk, P., Goyeneche, A., Delaitre, T., Kiss, T., Farkas, Z., Boczko, T.: High-level grid application environment to use legacy codes as OGSA grid services. In: GRID ’04: Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing, pp. 428–435. Washington (2004)Google Scholar
  9. 9.
    Konstantas, D.: Migration of legacy applications to a CORBA platform: a case study. In: Proceedings of the IFIP/IEEE International Conference on Distributed Platforms: Client/Server and Beyond: DCE, CORBA, ODsanitP and Advanced Distributed Applications, pp. 100–112 (1996)Google Scholar
  10. 10.
    Le Traon, Y., Mouelhi, T., Pretschner, A., Baudry, B.: Test-driven assessment of access control in legacy applications. In: 2008 1st International Conference on Software Testing, Verification, and Validation, pp. 238–247 (2008)Google Scholar
  11. 11.
    Zhu, L., Matsunaga, A., Sanjeepan, V., Lam, H., Fortes, J.A.B.: Application modeling and representation for automatic grid-enabling of legacy applications. In: First International Conference on e-Science and Grid Computing, pp. 8–31 (2005)Google Scholar
  12. 12.
    Marosi, A.C., Balaton, Z., Kacsuk, P.: GenWrapper: a generic wrapper for running legacy applications on desktop grids. In: IEEE International Symposium on Parallel & Distributed Processing, 2009, IPDPS 2009, pp. 1–6 (2009)Google Scholar
  13. 13.
    Mondal, S.A., Gupta, K.D.: Choosing a middleware for web-integration of a legacy application. SIGSOFT Softw. Eng. Notes 25(3), 50–53 (2000). (New York)CrossRefGoogle Scholar
  14. 14.
    Mui, R., Frankl, P.: Preventing SQL injection through automatic query sanitization with ASSIST. In: Fourth International Workshop on Testing, Analysis and Verification of Web Software, EPTCS 35, Antwerp, pp. 27–38 (2010)Google Scholar
  15. 15.
  16. 16.
    Saxena, P., Molnar, D., Livshits, B.: SCRIPTGARD: automatic context-sensitive sanitization for large-scale legacy web applications. In: CCS ’11: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 601–614. New York (2011)Google Scholar
  17. 17.
  18. 18.
    Tsetsekas, C., Maniatis, S., Venieris, I.S.: Supporting QoS for legacy applications. In: Lorenz, P. (ed.) ICN 2001. LNCS, vol. 2094, pp. 108–116. Springer, Heidelberg (2001)Google Scholar
  19. 19.
    Wong, D.: Kickin’ it old school!: dealing with legacy applications. In: SIGUCCS ’08: Proceedings of the 36th Annual ACM SIGUCCS Fall Conference: Moving Mountains, Blazing Trails, pp. 55–58. New York (2008)Google Scholar
  20. 20.
    Meng, X., Shi, J., Liu, X., Liu, H., Wang, L.: Legacy application migration to cloud. In: 2011 IEEE International Conference on Cloud Computing (CLOUD), pp. 750–751 (2011)Google Scholar
  21. 21.
    Xiong, Y., Su, D.: Wrapping legacy applications into grid services: a case study of a three services approach. In: Shen, W., Luo, J., Lin, Z., Barthès, J.-P.A., Hao, Q. (eds.) CSCWD. LNCS, vol. 4402, pp. 520–529. Springer, Heidelberg (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Zisis Karampaglis
    • 1
  • Anakreon Mentis
    • 1
  • Fotios Rafailidis
    • 1
  • Paschalis Tsolakidis
    • 2
  • Apostolos Ampatzoglou
    • 1
  1. 1.Department of InformaticsAristotle University of ThessalonikiThessalonikiGreece
  2. 2.Chalmers University of TechnologyGothenburgSweden

Personalised recommendations