Legacy Code Retrofitting Paper Appeared at Oakland 2006
Posted 26 May 2006
The paper Retrofitting Legacy Code for Authorization Policy Enforcement, co-authored by Vinod Ganapathy, Trent Jaeger and Somesh Jha appeared at the 2006 IEEE Symposium on Security and Privacy, which was held from May 21st to 24th, 2006 in Oakland, California.
Researchers have argued that the best way to construct a secure system is to proactively integrate security into the design of the system. However, this tenet is rarely followed because of economic and practical considerations. Instead, security mechanisms are added as the need arises, by retrofitting legacy code. Existing techniques to do so are manual and ad hoc, and often result in security holes.
This paper presents program analysis techniques to assist the process of retrofitting legacy code for authorization policy enforcement. These techniques can be used to retrofit legacy servers, such as X window, web, proxy, and cache servers. Because such servers manage multiple clients simultaneously, and offer shared resources to clients, they must have the ability to enforce authorization policies. A developer can use these techniques to identify security-sensitive locations in legacy servers, and place reference monitor calls to mediate these locations. The authors demonstrate these techniques by retrofitting an X11 server to enforce authorization policies on its X clients.