Integration of legacy client-server applications in a secure multi-tier architecture

Presents a CORBA-based multi-tier architecture which is capable of adding security to an existing service. We assume the legacy application is available as a compiled program consisting of a client and a server module. Under these assumptions, we show how to build a new system which re-integrates the original service and secures it. The architecture we propose is quite flexible and represents a framework which can be adopted - with minor changes - for improving the security level of a wide class of legacy systems. A system prototype has been developed and its performance evaluated. The prototype uses digital certificates which can be provided by virtually any certification authority. A fundamental advantage of the proposed approach is that the legacy server is integrated in the secure system with no changes being made to it. This minimizes the development effort, since full reuse of existing software is achieved. Furthermore, backward compatibility is preserved, since it is possible to integrate the new clients with the pre-existing applications, protecting the investment in legacy systems