一种遗留系统中访问控制策略的再工程方法

基于角色的访问控制是目前应用最广泛且先进的安全控制机制.针对它被广泛应用于新软件,却未被遗留系统普遍采用的问题,提出一种访问控制策略的再工程方法.方法定义了描述、操作和评估访问控制策略的面向转换的访问控制策略语言,研究了提取遗留访问控制策略的方法,并给出将角色引入遗留访问控制策略的转换规则和算法.案例分析表明方法是可行的,它能够使用角色和角色层次重组遗留访问控制策略,以改善遗留系统的访问控制机制.     

模型切片技术及其在软件演化领域的应用

软件演化是高质量软件开发的重要课题.互联网的爆炸式发展要求软件正在迅速发展.然而,随着遗留系统的规模和复杂性不断增加,从遗留系统中提取出的模型也越来越复杂,更多的节点和边被添加到图中,这导致图形的可读性降低.同时,软件重组工程师很难在较高的抽象视图中对遗留系统进行调查.因此,对遗留系统演化策略,本文提出了一种动态模型切片方法来促进遗留系统演化.案例研究表明,提出的方法是有用和高效的.     

大型遗留系统的性能与安全优化

为了解决大型遗留系统日益凸显的性能与安全问题,保证系统的可靠平稳运行,分析和研究了遗留系统的性能及安全现状,并在此基础上提出了优化策略.分别从前端、数据库、服务器、系统架构、系统安全五个方面阐述了优化方案,最后结合实例进行了优化策略验证.验证结果表明,该方案可以有效提升遗留系统的性能和安全等级.     

基于模式复用的遗留系统的模型集成研究

提出了利用模式复用技术来进行遗留系统的模型集成的方法，重点介绍遗留系统模型集成的过程，并通过一个具体案例来说明集成中模式复用的不同策略。最后，对于遗留系统模型集成中模式复用可能存在的问题进行了分析，并给出了相应的解决方案。     

C／S遗留系统到SOA系统移植框架研究

遗留系统在组织中起着重要的作用。随着商业环境的快速变化，应该不断用新技术对其进行进化。Web Service和面向服务的体系结构（SOA）使我们能在面向服务的计算环境中进化遗留系统。用web Service技术集成遗留系统的传统方法是将遗留系统包装成“黑盒子”。本文提出了一种再工程方法，该方法将遗留系统的包装和理解相结合。该方法不仅能对服务进行识别和包装，还可以将遗留系统移植到SOA的体系结构中。     

历史遗留测试系统的分布式开发策略*

探讨了分布式测试系统的现状及中间件DCOM,CORBA的特点。提出了利用中间件技术对历史遗留测试系统进行分布式开发的策略：对计算机配置高的历史遗留测试系统,结合其特点探索出了一种高效率、高性能的基于CORBADCOM的分布式开发方案;针对数控测试系统,则巧妙利用数据库、多线程、CORBA技术,灵活、经济、可靠地实现了其分布式开发,为计算机配置低的历史遗留测试系统的分布式开发提供了可靠、现实的借鉴、参考。     

遗留系统的角色工程方法研究

针对角色工程方法欠缺关注遗留系统的外部行为不变性和易演化性的问题,基于FermaT转换理论和集合理论,提出一种遗留系统的角色工程方法。该方法给出访问控制策略的转换规则,分析转换规则的管理成本,讨论遗留系统角色工程的设计准则,并给出符合设计准则的角色工程方法。案例分析表明,该方法能够在生成角色的同时构造角色层次,与主要的角色挖掘方法相比,角色的粒度更加细化,角色层次完整且不冗余,在产生必要角色的前提下管理开销最低。     

遗留系统的演化活动

为保护企业的IT投资,必须对遗留系统进行演化。本文介绍了一种遗留系统的评估方法,包括业务价值和系统技术水平的评估。在分析评估结果的基础上,阐述遗留系统的演化活动和目前软件工程领域内的相关技术。     

关于分布式、异构、历史遗留数据的数据挖掘研究

主要研究在分布式、异构和历史遗留数据库中进行数据挖掘的方法和策略。首先讨论分布式数据库的挖掘方法,在此基础上进行扩展讨论异构数据源的数据挖掘方法;最后,讨论历史遗留数据库的挖掘方法。     

对遗留系统的Web服务封装

文章对面向服务体系结构(SOA)和Web服务进行了分析,针对当前存在的各种遗留系统,提出了将它们进行Web服务封装的设计与实现方法.该方法充分考虑了遗留系统多语言、多平台的特点,并针对特定系统(linux/unix环境下采用c/c 语言开发)提出了解决方法,能有效的对遗留系统进行基于SOA的Web服务封装.     

Strategies and methods for cloud migration

Legacy system migration to the cloud brings both great challenges and benefits, so there exist various academic research and industrial applications on legacy system migration to the cloud. By analyzing the research achievements and application status,we divide the existing migration methods into three strategies according to the cloud service models integrally. Different processes need to be considered for different migration strategies, and different tasks will be involved accordingly. The similarities and differences between the migration strategies are discussed, and the challenges and future work about legacy system migration to the cloud are proposed. The aim of this paper is to provide an overall presentation for legacy system migration to the cloud and identify important challenges and future research directions.     

A service composition approach based on sequence mining for migrating e-learning legacy system to SOA

With the fast development of business logic and information technology, today's best solutions are tomorrow's legacy systems. In China, the situation in the education domain follows the same path. Currently, there exists a number of e-learning legacy assets with accumulated practical business experience, such as program resource, usage behaviour data resource, and so on. In order to use these legacy assets adequately and efficiently, we should not only utilize the explicit assets but also discover the hidden assets. The usage behaviour data resource is the set of practical operation sequences requested by all users. The hidden patterns in this data resource will provide users' practical experiences, which can benefit the service composition in service-oriented architecture (SOA) migration. Namely, these discovered patterns will be the candidate composite services (coarse-grained) in SOA systems. Although data mining techniques have been used for software engineering tasks, little is known about how they can be used for service composition of migrating an e-learning legacy system (MELS) to SOA. In this paper, we propose a service composition approach based on sequence mining techniques for MELS. Composite services found by this approach will be the complementation of business logic analysis results of MELS. The core of this approach is to develop an appropriate sequence mining algorithm for mining related data collected from an e-learning legacy system. According to the features of execution trace data on usage behaviour from this e-learning legacy system and needs of further pattern analysis, we propose a sequential mining algorithm to mine this kind of data of the legacy system. For validation, this approach has been applied to the corresponding real data, which was collected from the e-learning legacy system; meanwhile, some investigation questionnaires were set up to collect satisfaction data. The investigation result is 90% the same with the result obtained through our approach.     

基于业务服务的企业遗留系统集成框架

企业应用集成(EAI)是当前企业进行业务扩展的一项主要技术,基于SOA实现EAI面临着一个重要的问题,如何将遗留系统无缝地连接到不断变化的新业务需求中.利用面向服务的架构来解决企业遗留系统应用集成.结合业务服务的概念和传统企业应用集成解决方案,讨论了基于业务服务的遗留系统应用集成框架,使用IBM平台对一个遗留销售系统集成案例进行了实现.     

遗产软件系统的重构过程

本文首先介绍了软件遗产的相关概念，并给出常用的软件遗产开发模型；然后，分析了软件遗产开发中所要解决的主要问题，详细介绍了一种进行程序理解的方法一簇分析法；最后说明了在程序理解的基础上如何对遗产软件进行重构。     

A Framework for Method-Specific Knowledge Compilation from Databases

Generality and scale are important but difficult issues in knowledge engineering. At the root of the difficulty lie two challenging issues: how to accumulate huge volumes of knowledge and how to support heterogeneous knowledge and processing. One approach to the first issue is to reuse legacy knowledge systems, integrate knowledge systems with legacy databases, and enable sharing of the databases by multiple knowledge systems. We present an architecture called HIPED for realizing this approach. HIPED converts the second issue above into a new form: how to convert data accessed from a legacy database into a form appropriate to the processing method used in a legacy knowledge system. One approach to this reformed issue is to use method-specific compilation of data into knowledge. We describe an experiment in which a legacy knowledge system called INTERACTIVE KRITIK is integrated with an ORACLE database. The experiment indicates the computational feasibility of method-specific data-to-knowledge compilation.     

Early Cognitive Vision: Using Gestalt-Laws for Task-Dependent,Active Image-Processing

The goal of this review is to discuss different strategies employed by the visual system to limit data-flow and to focus data processing. These strategies can be hard-wired, like the eccentricity-dependent visual resolution or they can be dynamically changing like mechanisms of visual attention. We will ask to what degree such strategies are also useful in a computer vision context. Specifically we will discuss, how to adapt them to technical systems where the substrate for the computations is vastly different from that in the brain. It will become clear that most algorithmic principles, which are employed by natural visual systems, need to be reformulated to better fit to modern computer architectures. In addition, we will try to show that it is possible to employ multiple strategies in parallel to arrive at a flexible and robust computer vision system based on recurrent feedback loops and using information derived from the statistics of natural images.     

Strategic roles of IT modernization and cloud migration in reducing cybersecurity risks of organizations: The case of U.S. federal government

Many organizations run their core business operations on decades-old legacy IT systems. Some security professionals argue that legacy IT systems significantly increase security risks because they are not designed to address contemporary cybersecurity risks. Others counter that the legacy systems might be “secure by antiquity” and argue that due to lack of adequate documentation on the systems, it is very difficult for potential attackers to discover and exploit security vulnerabilities. There is a shortage of empirical evidence on either argument. Routine activity theory (RAT) argues that an organization’s guardianship is critical for reducing security incidents. However, RAT does not well explain how organizations might guard against security risks of legacy IT systems. We theorize that organizations can enhance their guardianship by either modernizing their legacy IT systems in-house or by outsourcing them to cloud vendors. With datasets from the U.S. federal agencies, we find that agencies that have more legacy IT systems experience more frequent security incidents than others with more modern IT systems. A 1%-point increase in the proportion of IT budgets spent on IT modernization is associated with a 5.6% decrease in the number of security incidents. Furthermore, migration of the legacy systems to the cloud is negatively associated with the number of security incidents. The findings advance the literature on strategic information systems by extending RAT to explain why the “security by antiquity” argument is not valid and how organizations can reduce the security risks of legacy IT systems through modernization and migration to the cloud.     

A conceptual framework for requirements engineering

A framework for assessing research and practice in requirements engineering is proposed. The framework is used to survey state of the art research contributions and practice. The framework considers a task activity view of requirements, and elaborates different views of requirements engineering (RE) depending on the starting point of a system development. Another perspective is to analyse RE from different conceptions of products and their properties. RE research is examined within this framework and then placed in the context of how it extends current system development methods and systems analysis techniques.     

Breaking or keeping the habits: exploring the role of legacy habits in the process of discontinuing organisational information systems

Users develop habits in relation to information systems (IS) to reduce the cognitive and behavioural efforts needed for using them. However, when these systems have to be discontinued, users face challenges regarding how to stop relying on their legacy habits. Despite their importance, we know little about how legacy habits shape the way users discontinue a legacy system. Through a comparative case-study approach, in a large mortgage firm and an international telecommunication company, we identify three roles that these habits play during the discontinuance process. We demonstrate that legacy habits not only play an ‘inhibiting’ role by keeping users attached to legacy systems; they also play a ‘bridging’ role by acting as a common ground for users to start working with a new system and a ‘deterring’ role when users resent certain habits of working with the legacy systems, despite their orientation to keep relying on these habits. We contribute to the IS habit literature by extending the roles of legacy habits beyond an inhibiting role. We also enrich the conceptualisation of legacy habits beyond the individual level by showing that the socio-technical conditions in which the habits are embedded impact the emergence and evolution of their roles during the discontinuance process. We discuss the implications of our findings for theorising and managing IS discontinuance process.