Analysis of Secure Wrapping Technologies.

Abstract : Networked computer systems are increasingly being threatened by inadvertent disruption and, at time, malicious attacks from other network users. This paper analyses the types, extent, and performance impacts of protection that might be achieved by applying software wrapping techniques to Dop legacy software systems and to commercial off-the-shelf (COTS) so ware products. Wrapping is a technique by which adapters are interposed at software interfaces, allowing new functions to be added. Architecture modeling techniques were used to verify that wrapping could be used to add services such as encryption, authentication, access controls, transactions logs, fault detection and correction, and redundancy to existing software systems. While the best solution for security in legacy systems and COTS software may ultimately be provided by their complete reengineering, our investigations confirm that wrapping techniques can provide an effective, near-term solution to a number of existing security problems. Techniques for ensuring the integrity of wrappers and wrapped software systems, and possibilities for additional functionality provided through wrappers require further investigation.