[Abadi 1996] Martin Abadi and Roger Needham, Prudent Engineering Practice for Cryptographic Protocols, IEEE Transactions on Software Engineering, Volume 22, Issue 1, 1996, 6–15.
[Aho 1986] Aho, Alfred V.; Sethi, Ravi; Ullman, Jeffrey D. "Compilers: Principles, Techniques, and Tools" (2nd ed.), 1986.
Anchor |
---|
| AndroidAPI 13 |
---|
| AndroidAPI 13 |
---|
|
[Android API 2013] Android API. Package Index, Android, 2013. Anchor |
---|
| AndroidGuides 13 |
---|
| AndroidGuides 13 |
---|
|
[Android Guide 2013] Android API Guides, Introduction to Android, Android, 2013. Anchor |
---|
| AndroidSecurity |
---|
| AndroidSecurity |
---|
|
[Android Security] Security Tips, Android Training.[Apache 2014] Apache Tika: A Content Analysis Toolkit, Apache Software Foundation, 2014.[Apache 2015] Apache Tomcat, Apache Software Foundation, 2015.[API 2006] Java Platform, Standard Edition 6 API Specification, Oracle, 2011.[API 2012] Java Platform, Standard Edition 7 API Specification, Oracle, 2012.[API 2013] Java Platform, Standard Edition 7 API Specification, Oracle, 2013.[J2EE API 2013] Java Platform, Extended Edition 7 API Specification, Oracle, 2013.[API 2014] Java Platform, Standard Edition 8 API Specification, Oracle, 2014.[Arnold 2006] Ken Arnold, James Gosling, and David Holmes. The Java™ Programming Language, 4th ed., Addison-Wesley, Boston, 2006.[Austin 2000] Calvin Austin and Monica Pawlan, Advanced Programming for the Java 2 Platform, Addison-Wesley Longman, Boston, 2000.[Black 2004] Paul E. Black and Paul J. Tanenbaum, partial order, in Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology, December 17, 2004.[Black 2006] Paul E. Black and Paul J. Tanenbaum, total order, in Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology. March 30, 2006.[Bloch 2001] Joshua Bloch, Effective Java: Programming Language Guide, Addison-Wesley Professional, Boston, 2001.[Bloch 2005a] Joshua Bloch and Neal Gafter, Java™ Puzzlers: Traps, Pitfalls, and Corner Cases, Addison-Wesley Professional, Boston, 2005.[Bloch 2005b] Joshua Bloch and Neal Gafter, Yet More Programming Puzzlers, JavaOne Conference, 2005.[Bloch 2007] Joshua Bloch, Effective Java™ Reloaded: This Time It's (Not) for Real, JavaOne Conference, 2007.[Bloch 2008] Joshua Bloch, Effective Java™: Programming Language Guide, 2nd ed., Addison-Wesley Professional, Boston, 2008.[Bloch 2009] Joshua Bloch and Neal Gafter, Return of the Puzzlers: Schlock and Awe, JavaOne Conference, 2009.[Boehm 2005] Hans-J. Boehm, Finalization, Threads, and the Java™ Technology-Based Memory Model, JavaOne Conference, 2005.[Campione 1996] Mary Campione and Kathy Walrath, The Java Tutorial: Object-Oriented Programming for the Internet, Addison-Wesley, Reading, MA, 1996.[CCITT 1988] International Telegraph and Telephone Consultative Committee (CCITT). CCITT Blue Book, Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework, International Telecommunication Union, Geneva, 1988.[Chan 1999] Patrick Chan, Rosanna Lee, and Douglas Kramer, The Java Class Libraries: Supplement for the Java 2 Platform, Volume 1.2, 2nd ed., Prentice Hall, Upper Saddle River, NJ, 1999.[Chess 2007] Brian Chess and Jacob West, Secure Programming with Static Analysis, Addison-Wesley Professional, Boston, 2007.[Chen 14] Eric Chen, Yutong Pei, Shuo Chen, Yuan Tian, Robert Kotcher, and Patrick Tague. "OAuth Demystified for Mobile Application Developers.", 2014.
[Chin 2011] Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner, Analyzing Inter-Application Communication in Android, Proc. MobiSys '11: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252, ACM, New York, 2011. Anchor |
---|
| Christudas 05 |
---|
| Christudas 05 |
---|
|
[Christudas 2005] Internals of Java Class Loading, ONJava, 2005.[Cohen 1981] On Holy Wars and a Plea for Peace, IEEE Computer, Volume 14, Issue 10, 1981. Anchor |
---|
| Conventions 09 |
---|
| Conventions 09 |
---|
|
[Conventions 2009] Code Conventions for the Java Programming Language, Sun Microsystems, 2009.[Coomes 2007] John Coomes, Peter Kessler, and Tony Printezis, Garbage Collection-Friendly Programming, Java SE Garbage Collection Group, Sun Microsystems, JavaOne Conference, 2007.[Core Java 2004] Cay S. Horstmann and Gary Cornell, Core Java™ 2, Volume I, Fundamentals, 7th ed., Prentice Hall PTR, Boston, 2004.[Coverity 2007] Coverity Prevent User's Manual (3.3.0). Coverity, 2007. Anchor |
---|
| Cunningham 95 |
---|
| Cunningham 95 |
---|
|
[Cunningham 1995] Ward Cunningham, The CHECKS Pattern Language of Information Integrity, in Pattern Languages of Program Design, James O. Coplien and Douglas C. Schmidt (eds.), Addison-Wesley Professional, Reading, MA, 1995.[CVE 2011] Common Vulnerabilities and Exposures, MITRE Corporation, 2011.[Daconta 2000] Michael C. Daconta, When Runtime.exec() Won't, JavaWorld.com, 2000.[Daconta 2003] Michael C. Daconta, Kevin T. Smith, Donald Avondolio, and W. Clay Richardson, More Java Pitfalls, Wiley, New York, 2003.[Darwin 2004] Ian F. Darwin, Java Cookbook, O'Reilly, Sebastopol, CA, 2004.[Davis 2008a] Mark Davis and Ken Whistler, Unicode Standard Annex #15, Unicode Normalization Forms, 2008.[Davis 2008b] Mark Davis and Michel Suignard, Unicode Technical Report #36, Unicode Security Considerations, 2008.[Dennis 1966] Jack B. Dennis and Earl C. Van Horn, Programming Semantics for Multiprogrammed Computations, Communications of the ACM, Volume 9, Issue 3, March 1966, pp. 143–155, DOI=10.1145/365230.365252.[DHS 2006] Build Security In, U.S. Department of Homeland Security, 2006.[Dormann 2008] Will Dormann, Signed Java Applet Security: Worse than ActiveX?, CERT Vulnerability Analysis Blog, 2008.[Doshi 2003] Gunjan Doshi, Best Practices for Exception Handling, ONJava.com, 2003. Anchor |
---|
| Dougherty 2009 |
---|
| Dougherty 2009 |
---|
|
[Dougherty 2009] Chad Dougherty, Kirk Sayre, Robert C. Seacord, David Svoboda, and Kazuya Togashi, Secure Design Patterns, CMU/SEI-2009-TR-010, Defense Technical Information Center, Ft. Belvoir, VA, 2009.[Eclipse 2008] The Eclipse Platform, 2008.[Egele 2013] Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. An Empirical Study of Cryptographic Misuse in Android Applications, Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp.73–84, 2013.[EMA 2014] Java SE Documentation, Extension Mechanism Architecture, Oracle, 1993, 2014.[Enck 2009] William Enck, Machigar Ongtang, Patrick Drew McDaniel, and others. Understanding Android Security, IEEE Security & Privacy, vol. 7, 1, p. 50–57, 2009. Anchor |
---|
| Encodings 2014 |
---|
| Encodings 2014 |
---|
|
[Encodings 2014] Supported Encodings, Oracle, 2014. Anchor |
---|
| Enterprise 03 |
---|
| Enterprise 03 |
---|
|
[Enterprise 2003] The O'Reilly Java Authors, Java Enterprise Best Practices, O'Reilly, Sebastopol, CA, 2003.[ESA 2005] Java Coding Standards, prepared by European Space Agency (ESA) Board for Software Standardisation and Control (BSSC), 2005.[Fahl 2012] Fahl, Sascha, et al. "Why Eve and Mallory love Android: An analysis of Android SSL (in) security." Proceedings of the 2012 ACM Conference on Computer and Communications Security. ACM, 2012.[Fairbanks 2007] Design Fragments, Defense Technical Information Center, Ft. Belvoir, VA, 2007.[FindBugs 2008] FindBugs Bug Descriptions, 2008.[Fisher 2003] Maydene Fisher, Jon Ellis, and Jonathan Bruce, JDBC API Tutorial and Reference, 3rd ed., Addison-Wesley, Boston, 2003.[Flanagan 2005] David Flanagan, Java in a Nutshell, 5th ed., O'Reilly, Sebastopol, CA, 2005.[Forman 05] Ira R. Forman and Nate Forman, Java Reflection in Action, Manning Publications, Greenwich, CT, 2005.[Fortify 2014] A Taxonomy of Coding Errors That Affect Security, Java/JSP, Fortify Software, 2014.[Fox 2001] Joshua Fox, When Is a Singleton Not a Singleton?, Sun Developer Network, 2001.[Fritz 2014] C. Fritz, S. Arzt, S. Rasthofer, E. Bodden, A. Bartel, J. Klein,Y. le Traon, D. Octeau, and P. McDaniel. FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps. In Proc. PLDI, 2014. To appear.[FT 2008] Function Table Class FunctionTable, Field detail, public static FuncLoader m_functions, 2008.[Gafter 2006] Neal Grafter, Neal Gafter's blog, 2006.[Gamma 1995] Erich Gamma, Richard Helm, Ralph Johnson, and John M. Vlissides, Design Patterns: Elements of Reusable Object-Oriented Software, Addison-Wesley Professional, Boston, 1995.[Garfinkel 1996] Simson Garfinkel and Gene Spafford, Practical UNIX & Internet Security, 2nd ed., O'Reilly, Sebastopol, CA, 1996.[Garms 2001] Jess Garms and Daniel Somerfield, Professional Java Security, Wrox Press, Chicago, 2001.[GNU 2013] GNU Coding Standards, Section 5.3, "Clean Use of C Constructs," Richard Stallman and other GNU Project volunteers, 2013[Goetz 2002] Brian Goetz, Java Theory and Practice: Don't Let the "this" Reference Escape during Construction, IBM developerWorks (Java technology), 2002.[Goetz 2004a] Brian Goetz, Java Theory and Practice: Garbage Collection and Performance, IBM developerWorks (Java technology), 2004.[Goetz 2004b] Brian Goetz, Java Theory and Practice: The Exceptions Debate: To Check, or Not to Check?, IBM developerWorks (Java technology), 2004.[Goetz 2004c] Brian Goetz, Java Theory and Practice: Going Atomic, IBM developerWorks (Java technology), 2004.[Goetz 2005a] Brian Goetz, Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners, IBM developerWorks (Java technology), 2005.[Goetz 2006a] Brian Goetz, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea, Java Concurrency in Practice, Addison-Wesley Professional, Boston, 2006.[Goetz 2006b] Brian Goetz, Java Theory and Practice: Good Housekeeping Practices, IBM developerWorks (Java technology), 2006.[Goetz 2007] Brian Goetz, Java Theory and Practice: Managing Volatility, Guidelines for Using Volatile Variables, IBM developerWorks (Java technology), 2006.[Goldberg 1991] David Goldberg, What Every Computer Scientist Should Know about Floating-Point Arithmetic, Sun Microsystems, March 1991.[Gong 2003] Li Gong, Gary Ellison, and Mary Dageforde, Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd ed., Prentice Hall, Boston, 2003.[Goodliffe 2014] Pete Goodliffe, Code Craft: The Practice of Writing Excellent Code, No Starch Press, San Francisco, 2007[Grand 2002] Mark Grand, Patterns in Java, Volume 1, 2nd ed., Wiley, New York, 2002.[Gray 1985] Jim Gray, Tandem TR 85.7 WHY DO COMPUTERS STOP AND WHAT CAN BE DONE ABOUT IT?, 1985.[Greanier 2000] Todd Greanier, Discover the Secrets of the Java Serialization API, Sun Developer Network (SDN), 2000.[Green 2008] Roedy Green, Canadian Mind Products Java & Internet Glossary, 2008.[Grigg 2006] Jeffery Grigg, Reflection On Inner Classes, 2006.[Grosso 2001] William Grosso, Java RMI, O'Reilly, Sebastopol, CA, 2001.[Grubb 2003] Penny Grubb and Armstrong A. Takang, Software Maintenance: Concepts and Practice, 2nd ed., World Scientific, River Edge, NJ, 2003. Anchor |
---|
| Guillardoy 12 |
---|
| Guillardoy 12 |
---|
|
[Guillardoy 2012] Esteban Guillardoy, Java 0Day Analysis (CVE-2012-4681), 2012.[Gupta 2005] Satish Chandra Gupta and Rajeev Palanki, Java Memory Leaks - Catch Me If You Can, 2005.[Haack 2006] Christian Haack, Erik Poll, Jan Schafer and Aleksy Schubert, Immutable Objects in Java, 2006.[Haggar 2000] Peter Haggar, Practical Java™ Programming Language Guide, Addison-Wesley Professional, Boston, 2000.[Halloway 2000] Stuart Halloway, Java Developer Connection Tech Tips, March 28, 2000.[Halloway 2001] Stuart Halloway, Java Developer Connection Tech Tips, January 30, 2001.[Harold 1997] Elliotte Rusty Harold, Java Secrets, Wiley, New York, 1997.[Harold 1999] Elliotte Rusty Harold, Java I/O, O'Reilly, Sebastopol, CA, 1999.[Harold 2006] Elliotte Rusty Harold, Java I/O, 2nd ed., O'Reilly, Sebastopol, CA, 2006.[Hatton 1995] Les Hatton, Safer C: Developing Software for High-Integrity and Safety-Critical Systems, McGraw-Hill, New York, 1995.[Hawtin 2008] Thomas Hawtin, Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities, Sun Microsystems, Make it Fly 2008, London, 2008.[Havelund 2009] Klaus Havelund and Al Niessner, JPL Coding Standard, version 1.1, California Institute of Technology, 2009.[Heffley 2004] J. Heffley and P. Meunier, Can Source Code Auditing Software Identify Common Vulnerabilities and Be Used to Evaluate Software Security? Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS–04), Track 9, Volume 9, IEEE Computer Society, January 2004.[Henney 2003] Kevlin Henney, Null Object, Something for Nothing, 2003.[Hewlett-Packard 2015] Hewlett-Packard Development Company, J2EE Bad Practices: Leftover Debug Code [generated from version 2015.1.0.0009 of the Fortify Secure Coding Rulepacks], 2015. Anchor |
---|
| Hirondelle 13 |
---|
| Hirondelle 13 |
---|
|
[Hirondelle 2013] Passwords Never Clear in Text, Hirondelle Systems, 2013.[Hitchens 2002] Ron Hitchens, Java™ NIO, O'Reilly, Sebastopol, CA, 2002.[Hovemeyer 2007] David Hovemeyer and William Pugh, Finding More Null Pointer Bugs, But Not Too Many, Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program Analysis for Software Tools and Engineering, 2007.[Howard 2002] Michael Howard and David C. LeBlanc, Writing Secure Code, 2nd ed., Microsoft Press, Redmond, WA, 2002.[Hughes 2011] Elliott Hughes, JNI Local Reference Changes in ICS, November 2011.[Hunt 1998] J. Hunt and F. Long, Java's Reliability: An Analysis of Software Defects in Java, Software IEEE Proceedings, 1998. Anchor |
---|
| IEC 60812 2006 |
---|
| IEC 60812 2006 |
---|
|
[IEC 60812 2006] Analysis Techniques for System Reliability — Procedure for Failure Mode and Effects Analysis (FMEA), 2nd ed., International Electrotechnical Commission, Geneva, Switzerland, 2006. Anchor |
---|
| IEEE 754 2006 |
---|
| IEEE 754 2006 |
---|
|
[IEEE 754 2006] IEEE, Standard for Binary Floating-Point Arithmetic (IEEE 754-1985), 2006. Anchor |
---|
| IETF OAuth1.0a |
---|
| IETF OAuth1.0a |
---|
|
[IETF OAuth1.0a] Internet Engineering Task Force (IETF). OAuth core 1.0 revision a. http://oauth.net/core/1.0a/.
Anchor |
---|
| IETF OAuth2.0 |
---|
| IETF OAuth2.0 |
---|
|
[IETF OAuth2.0] Internet Engineering Task Force (IETF). The OAuth 2.0 authorization framework. http://tools.ietf.org/html/rfc6749.
Anchor |
---|
| Intrepidus 2012 |
---|
| Intrepidus 2012 |
---|
|
[Intrepidus 2012] Intrepidus Group (Mobile Security), NDK File Permissions Gotcha and Fix , 2012.
Anchor |
---|
| ISO/IEC 11889-1-2009 |
---|
| ISO/IEC 11889-1-2009 |
---|
|
Anchor |
---|
| ISO-IEC 11889-1-2009 |
---|
| ISO-IEC 11889-1-2009 |
---|
|
[ISO/IEC 11889-1:2009] ISO/IEC. Information Technology—Trusted Platform Module—Part 1: Overview (ISO/IEC 11889-1:2009). Geneva, Switzerland: ISO, 2009. Anchor |
---|
| ISO/IEC TR 24772-2010 |
---|
| ISO/IEC TR 24772-2010 |
---|
|
[ISO/IEC TR 24772:2010] ISO/IEC TR 24772. Information Technology — Programming Languages — Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, October 2010. Anchor |
---|
| ISO/IEC TR 24772-2013 |
---|
| ISO/IEC TR 24772-2013 |
---|
|
[ISO/IEC TR 24772:2013] ISO/IEC TR 24772:2013. Information Technology—Programming Languages—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use. Geneva, Switzerland: International Organization for Standardization, March 2013.[J2SE 2000] Java™ 2 SDK, Standard Edition Documentation, Sun Microsystems, J2SE Documentation version 1.3, Sun Microsystems, 2000.[J2SE 2011] Java™ SE 7 Documentation, J2SE Documentation version 1.7, Oracle Corporation, 2011.[JarSpec 2008] J2SE Documentation version 1.5, Jar File Specification, Sun Microsystems, 2000.[Java 2006] Java - The Java Application Launcher, Sun Microsystems, 2006.[Java2NS 1999] Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani, Java 2 Network Security, Prentice Hall, Upper Saddle River, NJ, 1999. Anchor |
---|
| JavaGenerics 04 |
---|
| JavaGenerics 04 |
---|
|
[JavaGenerics 2004] Oracle, Generics, Sun Microsystems, 2004. Anchor |
---|
| JavaThreads 99 |
---|
| JavaThreads 99 |
---|
|
[JavaThreads 1999] Scott Oaks and Henry Wong, Java Threads, 2nd ed., O'Reilly, Sebastopol, CA, 1999. Anchor |
---|
| JavaThreads 04 |
---|
| JavaThreads 04 |
---|
|
[JavaThreads 2004] Scott Oaks and Henry Wong, Java Threads, 3rd ed., O'Reilly, Sebastopol, CA, 2004. Anchor |
---|
| Java Tutorials |
---|
| Java Tutorials |
---|
|
[Java Tutorials] The Java Tutorials, Sun Microsystems, 1995, 2015.[JCF 2014] The Java Collections Framework, Oracle, 2014.[JDK Bug 2015] JDK Bug System, Oracle, 2015.[JDK7 2008] Java™ Platform, Standard Edition 7 documentation, Sun Microsystems, December 2008.[JLS 2005] James Gosling, Bill Joy, Guy Steele, and Gilad Bracha, The Java Language Specification, 3rd ed., Prentice Hall, Upper Saddle River, NJ, 2005.[JLS 2015] James Gosling, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley, The Java® Language Specification, Java SE 8 Edition, 2015.[JMX 2006] Monitoring and Management for the Java Platform, Sun Microsystems, 2006.[JMXG 2006] Java SE Monitoring and Management Guide, Sun Microsystems, 2006.[JNI 2006] Java Native Interface, Sun Microsystems, 2006.[JNISpec 2014] Java Native Interface Specification, Oracle, 2014.[JNI Tips] Java Tips, Android Training. Anchor |
---|
| Jovanovic 06 |
---|
| Jovanovic 06 |
---|
|
[Jovanovic 2006] Nenad Jovanovic, Christopher Kruegel, and Engin Kirda, Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper), Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pp. 258–263, May 21–24, 2006.[JPDA 2004] Java Platform Debugger Architecture (JPDA), Sun Microsystems, 2004.[JPL 2006] Ken Arnold, James Gosling, and David Holmes, The Java™ Programming Language, 4th ed., Addison-Wesley Professional, Boston, 2006.[JSR-133 2004] JSR-133: Java™ Memory Model and Thread Specification, 2004.[JSSEC 2013] Android Secure Design and Coding Guidebook, (in Japanese),Japan Smartphone Security Association, 2013.[JSSEC 2014] Android Application Secure Design / Secure Coding Guidebook, Japan Smartphone Security Association, 2014.[JVMTI 2006] Java Virtual Machine Tool Interface (JVM TI), Sun Microsystems, 2006.[JVMSpec 1999] The Java Virtual Machine Specification, Sun Microsystems, 1999.[Kabanov 2009] Jevgeni Kabanov, The Ultimate Java Puzzler, February 16th, 2009.[Kabutz 2001] Heinz M. Kabutz, The Java Specialists' Newsletter, 2001. Anchor |
---|
| Kalinovsky 04 |
---|
| Kalinovsky 04 |
---|
|
[Kalinovsky 2004] Alex Kalinovsky, Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering, SAMS Publishing, Boston, 2004.[Klieber 2014] William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer. Android Taint Flow Analysis for App Sets, ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis, 2014.
Anchor |
---|
| Knoernschild 01 |
---|
| Knoernschild 01 |
---|
|
[Knoernschild 2001] Kirk Knoernschild, Java™ Design: Objects, UML, and Process, Addison-Wesley Professional, Boston, 2001.[Lai 2008] Charlie Lai, Java Insecurity: Accounting for Subtleties That Can Compromise Code, 2008.
[Langer 2008] Angelica Langer, Practicalities – Programming with Java Generics, 2008.[Laplante 2005] Phillip A. Laplante, Colin J. Neill, Antipatterns: Identification, Refactoring, and Management, Auerbach Publications, Boca Raton, FL, 2005.[Lea 2000a] Doug Lea, Concurrent Programming in Java, 2nd ed., Addison-Wesley Professional, Boston, 2000.[Lea 2000b] Doug Lea and William Pugh, Correct and Efficient Synchronization of Java™ Technology based Threads, JavaOne Conference, 2000.[Lea 2008] Doug Lea, The JSR-133 Cookbook for Compiler Writers, 2008.[Lee 2009] Sangjin Lee, Mahesh Somani, and Debashis Saha, Robust and Scalable Concurrent Programming: Lessons from the Trenches, JavaOne Conference, 2009.[Liang 1997] Sheng Liang, The Java™ Native Interface, Programmer's Guide and Specification, Addison-Wesley Professional, Reading, MA, 1997.[Liang 1998] Sheng Liang and Gilad Bracha, Dynamic Class Loading in the Java™ Virtual Machine, Proceedings of the 13th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, 1998.[Lieberman 1986] Henry Lieberman, Using Prototypical Objects to Implement Shared Behavior in Object-Oriented Systems, Proceedings on Object-Oriented Programming, Systems, Languages, and Applications, pp. 214–223 (ISSN 0362-1340), Massachusetts Institute of Technology, 1986.[Lo 2005] Chia-Tien Dan Lo, Witawas Srisa-an, and J. Morris Chang, Security Issues in Garbage Collection, STSC Crosstalk, October 2005.[Long 2005] Fred Long, Software Vulnerabilities in Java, CMU/SEI-2005-TN-044, Software Engineering Institute, Carnegie Mellon University, 2005.[Long 2013] Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, and David Svoboda, Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley Professional, Reading, MA, 2013.
[LSOD 02] Last Stage of Delirium Research Group, Java and Java Virtual Machine Security. Poland: Last Stage of Delirium Research Group, 2002.[Low 1997] Douglas Low, Protecting Java Code via Obfuscation, Crossroads Volume 4, Issue 3, 1997.[MacGregor 1998] Robert MacGregor, Dave Durbin, John Owlett, and Andrew Yeomans, Java Network Security, Prentice Hall PTR, Upper Saddle River, NJ, 1998.[Mahmoud 2002] Qusay H. Mahmoud, Compressing and Decompressing Data Using Java APIs, Oracle, 2002.[Mak 2002] Ronald Mak, Java Number Cruncher: The Java Programmer's Guide to Numerical Computing, Prentice Hall PTR, Upper Saddle River, NJ, 2002.[Manson 2008] Jeremy Manson, Data-Race-ful Lazy Initialization for Performance [blog], 2008.[Manson 2004] Jeremy Manson and Brian Goetz, JSR 133 (Java Memory Model) FAQ, 2004.[Manson 2006] Jeremy Manson and William Pugh, The Java™ Memory Model: The Building Block of Concurrency, JavaOne Conference, 2006.[Martin 1996] Robert C. Martin, Granularity, 1996.[Masson 2011] Neil D. Masson, Tip: Secure Your Code against the Finalizer Vulnerability, IBM developerWorks, 2011.
[McCluskey 2001] Glen McCluskey, Java Developer Connection Tech Tips, April 10, 2001.[McGraw 1999] Gary McGraw and Edward W. Felten, Securing Java, Getting Down to Business with Mobile Code, Wiley, New York, 1999.[McGraw 1998] Gary McGraw and Edward W. Felten, Twelve Rules for Developing More Secure Java Code, JavaWorld.com, 1998. Anchor |
---|
| Mettler 2010A |
---|
| Mettler 2010A |
---|
|
[Mettler 2010a] Adrian Mettler, David Wagner, and T. Close, Joe-E: A Security-Oriented Subset of Java, 17th Network & Distributed System Security Symposium, 2010. Anchor |
---|
| Mettler 2010B |
---|
| Mettler 2010B |
---|
|
[Mettler 2010b] Adrian Mettler and David Wagner, Class Properties for Security Review in an Object-Capability Subset of Java, Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '10). ACM, Article 7, DOI=10.1145/1814217.1814224, 2010.[Miller 2009] Alex Miller, Java™ Platform Concurrency Gotchas, JavaOne Conference, 2009.[MITRE 2011] MITRE Corporation, Common Weakness Enumeration, 2011.[Mocha 2007] Mocha, the Java Decompiler, 2007.[Monsch 2006] Jan P. Monsch, Ruining Security with java.util.Random Version 1.0, 2006.[MSDN 2009] Microsoft Corporation, Using SQL Escape Sequences, 2009.[Muchow 2001] John W. Muchow, MIDlet Packaging with J2ME, ONJava.com, 2001.[Müller 2002] Dr. Andreas Müller and Geoffrey Simmons, Exception Handling: Common Problems and Best Practice with Java 1.4, Sun Microsystems GmbH, 2002.[Naftalin 2006a] Maurice Naftalin and Philip Wadler, Java Generics and Collections, O'Reilly, Sebastopol, CA, 2006.[Naftalin 2006b] Maurice Naftalin and Philip Wadler, Java™ Generics and Collections: Tools for Productivity, JavaOne Conference, 2007.[Netzer 1992] Robert H. B. Netzer and Barton P. Miller, What Are Race Conditions? Some Issues and Formalization, University of Wisconsin, Madison, 1992.[Neward 2004] Ted Neward, Effective Enterprise Java, Addison-Wesley Professional, Boston, 2004. Anchor |
---|
| Nisewanger 07 |
---|
| Nisewanger 07 |
---|
|
[Nisewanger 2007] Jeff Nisewanger, Avoiding Antipatterns, JavaOne Conference, 2007.[Nolan 2004] Godfrey Nolan, Decompiling Java, Apress, Berkley, CA, 2004.[Oaks 2001] Scott Oaks, Java Security, O'Reilly, Sebastopol, CA, 2001.[Octeau 2013] D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. Le Traon. Effective Inter-component communication mapping in Android with Epicc: An essential step towards holistic security analysis. In Proc. USENIX Security, 2013.
Anchor |
---|
| Open Group 04 |
---|
| Open Group 04 |
---|
|
[Open Group 2004] The IEEE and The Open Group, The Open Group Base Specifications Issue 6, 2004.[Oracle 2010a] Java SE 6 HotSpot™ Virtual Machine Garbage Collection Tuning, Oracle, 2010.[Oracle 2010b] New I/O APIs, Oracle, 2010.[Oracle 2011a] Java PKI Programmer's Guide, Oracle, 2011.[Oracle 2011b] Java Platform™, Standard Edition 6 Documentation, Oracle, 2011.[Oracle 2011c] Package javax.servelt.http, Oracle 2011.[Oracle 2011d] Permissions in the Java™ SE 6 Development Kit (JDK), Oracle, 2011.[Oracle 2013a] API for Privileged Blocks, Oracle, 1993/2013.[Oracle 2013b] Reading ASCII Passwords from an InputStream Example, Java Cryptography Architecture (JCA) Reference Guide, Oracle, 2013.[Oracle 2013c] Java Platform Standard Edition 7 Documentation, Oracle, 2013.[Oracle 2013d] Oracle Security Alert for CVE-2013-0422, Oracle, 2013.[Oracle 2014] Secure Coding Guidelines for Java SE, Version 5.0, Oracle, 2014.
[Oracle 2015] Oracle GlassFish Server Performance Tuning Guide, Tuning the Java Runtime System, Oracle, 2015.
[OWASP 2005] A Guide to Building Secure Web Applications and Web Services, Open Web Application Security Project (OWASP), 2005.[OWASP 2007] OWASP Top 10 for Java EE, OWASP, 2007.[OWASP 2009] Double Encoding, OWASP, 2009.[OWASP 2011] Open Web Application Security Project (OWASP), 2011.[OWASP 2014a] Preventing LDAP Injection in Java, OWASP, 2014.[OWASP 2014b] XSS (Cross Site Scripting) Prevention Cheat Sheet, OWASP, 2014.[PCI 2010] PCI Security Standards Council, Payment Card Industry (PCI) Data Security Standard, Version 2.0, October, 2010. Anchor |
---|
| Permissions 08 |
---|
| Permissions 08 |
---|
|
[Permissions 2008] Permissions in the Java™ SE 6 Development Kit (JDK), Sun Microsystems, 2008.[Philion 2003] Paul Philion, Beware the Dangers of Generic Exceptions, JavaWorld.com, 2003.[Phillips 2005] Addison P. Phillips, Are We Counting Bytes Yet?, 27th Internationalization and Unicode Conference, webMethods, 2005.[Pistoia 2004] Marco Pistoia, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin, Enterprise Java Security: Building Secure J2EE Applications, Addison-Wesley Professional, Boston, 2004.[Policy 2002] Sun Microsystems, Default Policy Implementation and Policy File Syntax, Document revision 1.6, 2002.[Pugh 2004] William Pugh, The Java Memory Model (discussions reference), 2004.[Pugh 2008] William Pugh, Defective Java Code: Turning WTF Code into a Learning Experience, JavaOne Conference, 2008.[Pugh 2009] William Pugh, Defective Java Code: Mistakes That Matter, JavaOne Conference, 2009.[Rapid7 2014] Jeroen Frijters and Juan Vazquez, Java AtomicReferenceArray Type Violation Vulnerability, 2014.[Reasoning 2003] Reasoning Inspection Service Defect Data Tomcat v 1.4.24, November 14, 2003.[Reflect 2006] Sun Microsystems, Reflection, 2006.[Rogue 2000] Vermeulen, Ambler, Metz, Misfeldt, Shur, and Thompson, The Elements of Java Style, Cambridge University Press, New York, 2000.[Rotem 2008] Arnon Rotem-Gal-Oz, Fallacies of Distributed Computing Explained, 2008.[Roubtsov 2003a] Vladimir Roubtsov, Breaking Java Exception-Handling Rules is Easy, JavaWorld.com, 2003.[Roubtsov 2003b] Vladimir Roubtsov, Into the Mist of Serialization Myths, JavaWorld.com, 2003.[Saltzer 1974] J. H. Saltzer, Protection and the Control of Information Sharing in Multics. Communications of the ACM 17, 7 (July 1974): 388–402.[Saltzer 1975] J. H. Saltzer and M. D. Schroeder, The Protection of Information in Computer Systems, Proceedings of the IEEE, Volume 63, Issue 9, 1975, 1278–1308.Available at http://web.mit.edu/Saltzer/www/publications/protection/.[SCG 2009] Sun Microsystems, Secure Coding Guidelines for the Java Programming Language, version 3.0, 2009.[Schildt 2007] Herb Schildt, Herb Schildt's Java Programming Cookbook, McGraw-Hill, New York, 2007.Schindler, Uwe. The Policeman’s Horror: Default Locales, Default Charsets, and Default Timezones, The Generics Policeman Blog, November 2012.[Schneier 2000] Bruce Schneier, Secrets and Lies—Digital Security in a Networked World, Wiley, New York, 2000. Anchor |
---|
| Schönefeld 02 |
---|
| Schönefeld 02 |
---|
|
[Schönefeld 2002] Marc Schönefeld, Security Aspects in Java Bytecode Engineering, Blackhat Briefings 2002, Las Vegas, August 2002. Anchor |
---|
| Schönefeld 04 |
---|
| Schönefeld 04 |
---|
|
[Schönefeld 2004] Marc Schönefeld, Java Vulnerabilities in Opera 7.54, BUGTRAQ Mailing List (bugtraq@securityfocus.com), November 2004.[Schwarz 2004] Don Schwarz, Avoiding Checked Exceptions, ONJava 2004. Anchor |
---|
| Schweisguth 03 |
---|
| Schweisguth 03 |
---|
|
[Schweisguth 2003] Dave Schweisguth, Java Tip 134: When Catching Exceptions, Don't Cast Your Net Too Wide, Javaworld.com, 2003.[SDN 2008] Sun Microsystems, SUN Developer Network, 1994–2008.[Seacord 2005] Robert C. Seacord, Secure Coding in C and C++, Addison-Wesley Professional, Boston, 2005.[Seacord 2008] Robert C. Seacord,The CERT C Secure Coding Standard, Addison-Wesley Professional, Boston, 2008.[Seacord 2010] Robert C. Seacord, William Dormann, James McCurley, Philip Miller, Robert Stoddard, David Svoboda, and Jefferson Welch, Source Code Analysis Laboratory (SCALe) for energy delivery systems, CMU/SEI-2010-TR-021, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, December 2010.[Seacord 2013] Seacord, Robert C. Secure Coding in C and C++, 2nd ed. Addison-Wesley, Boston, 2013.[Seacord 2015] Seacord, Robert C. Secure Coding Rules for Java. Addison-Wesley Professional, Boston, 2013.[SecArch 2006] Sun Microsystems, Java 2 Platform Security Architecture, 2006.[Secunia 2008] Secunia ApS, Secunia Advisories, 2008.[Security 2006] Java Security Guides, Sun Microsystems, 2006. Anchor |
---|
| SecuritySpec 08 |
---|
| SecuritySpec 08 |
---|
|
[SecuritySpec 2008] Sun Microsystems, Java Security Architecture, 2008. [Sen 2007] Robi Sen, Avoid the Dangers of XPath Injection, IBM developerWorks, 2007. Anchor |
---|
| Shipilёv 2014 |
---|
| Shipilёv 2014 |
---|
|
[Shipilёv 2014] Shipilёv, Aleksey, Safe Publication and Safe Initialization in Java, December 2014.
[Steel 2005] Christopher Steel, Ramesh Nagappan, and Ray Lai, Core Security Patterns: Best Practices and Strategies for J2EEâ„¢, Web Services, and Identity Management, Prentice Hall PTR, Upper Saddle River, NJ, 2005.[Steele 1977] G.L. Steele, Arithmetic Shifting Considered Harmful, ACM SIGPLAN Notices, Volume 12, Issue 11 (1977), 61–69.[Steinberg 2005] Daniel H. Steinberg, Java Developer Connection Tech Tips Using the Varargs Language Feature, January 4, 2005.[Sterbenz 2006] Andreas Sterbenz and Charlie Lai, Secure Coding Antipatterns: Avoiding Vulnerabilities, Sun Microsystems, JavaOne Conference, 2006.[Steuck 2002] Gregory Steuck, XXE (Xml eXternal Entity) Attack, 2002.[Sun 1999] Why Are Thread.stop, Thread.suspend, Thread.resume and Runtime.runFinalizersOnExit Deprecated?, Sun Microsystems, 1999.[Sun 2002] Reflection, Sun Microsystems, 2002.[Sun 2003] Sun Microsystems, Sun ONE Application Server 7 Performance Tuning Guide, 2003.[Sun 2004a] Java Management Extensions (JMX), Sun Microsystems, 2004.[Sun 2004b] Java Object Serialization Specification, Version 1.5.0, Sun Microsystems, 2004.[Sun 2004d] JVM Tool Interface, Sun Microsystems, 2004.[Sun 2006] Java™ Platform, Standard Edition 6 documentation, Sun Microsystems, 2006.[Sun 2008] Java™ Plug-in and Applet Architecture, Sun Microsystems, 2008. Anchor |
---|
| Sutherland 10 |
---|
| Sutherland 10 |
---|
|
[Sutherland 2010] Dean F. Sutherland and William L. Scherlis, Composable Thread Coloring, Proceedings of the 15th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming, Association for Computing Machinery, New York, 2010. Anchor |
---|
| Tanenbaum 03 |
---|
| Tanenbaum 03 |
---|
|
[Tanenbaum 2003] Andrew S. Tanenbaum and Maarten Van Steen, Distributed Systems: Principles and Paradigms, 2nd ed., Prentice Hall, Upper Saddle River, NJ, 2003.[Techtalk 2007] Josh Bloch and William Pugh, The PhantomReference Menace. Attack of the Clone. Revenge of the Shift, JavaOne Conference, 2007.[Tomcat 2009] Apache Software Foundation, Changelog and Security fixes, Tomcat documentation, 2009.[Unicode 2003] The Unicode Consortium, The Unicode Standard, Version 4.0.0, defined by The Unicode Standard, Version 4.0, Addison-Wesley, Reading, MA, 2003.[Unicode 2007] The Unicode Consortium, The Unicode Standard, Version 5.1.0, defined by The Unicode Standard, Version 5.0, Addison-Wesley, Reading, MA, 2007, as amended by Unicode 5.1.0.[Unicode 2011] The Unicode Consortium, The Unicode Standard, Version 6.0.0, The Unicode Consortium, Mountain View, CA, 2011.[Unicode 2012] The Unicode Consortium. The Unicode Standard, Unicode 6.2.0, (Mountain View, CA: The Unicode Consortium, 2012. ISBN 978-1-936213-07-8)[Urma 2014] Raoul-Gabriel Urma, Tired of Null Pointer Exceptions? Consider Using Java SE 8's Optional!, Oracle, March 2014.[Venners 1997] Bill Venners, Security and the Class Loader Architecture, Java World.com, 1997.[Venners 2003] Bill Venners, Failure and Exceptions, A Conversation with James Gosling, Part II, Artima.com, 2003.[Verify] Verifying App Behavior on the Android Runtime (ART), Android.[Vermeulen 2000] Allan Vermeulen, Scott W. Ambler, Greg Bumgardner, Eldon Metz, Trevor Misfeldt, Jim Shur, and Patrick Thompson. The Elements of Java™ Style. Cambridge University Press, New York, 2000. Anchor |
---|
| viaForensics 14 |
---|
| viaForensics 14 |
---|
|
[viaForensics 2014] Secure mobile development best practices, viaForensics LLC., 2014.[W3C 2008] Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Eve Maler, and François Yergeau, Extensible Markup Language (XML) 1.0, 5th ed., W3C Recommendation, 2008.[W3C 2013] Andrei Popescu, Geolocation API Specification, W3C Recommendation, 2013.[Ware 2008] Michael S. Ware, Writing Secure Java Code: A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools, Masters thesis, James Madison University, Harrisonburg, VA, 2008.[Weber 2009] Chris Weber, Exploiting Unicode-enabled Software, CanSecWest, March 2009.[Wheeler 2003] David A. Wheeler, Secure Programming for Linux and Unix HOWTO, 2003.[White 2003] Tom White, Memoization in Java Using Dynamic Proxy Classes, August 2003.[Zukowski 2004] John Zukowski, Creating Custom Security Permissions, Java Developer Connection Tech Tips, May 18, 2004. Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dc69f712-ced0-4630-bd59-e9c1b2c08caf"><ac:parameter ac:name="">Abadi 96</ac:parameter></ac:structured-macro>
\[Abadi 1996\] Martin Abadi and Roger Needham, Prudent Engineering Practice for Cryptographic Protocols, _IEEE Transactions on Software Engineering_ Volume 22, Issue 1, 1996, 6 - 15. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="27b6891d-2eaf-4c7d-92c6-4b01b30c31c9"><ac:parameter ac:name="">API 06</ac:parameter></ac:structured-macro>
\[API 2006\] [Java Platform, Standard Edition 6 API Specification|http://java.sun.com/javase/6/docs/api/], Sun Microsystems, 2006.
Available at http://download.oracle.com/javase/6/docs/api/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b679350-c65d-4704-85a7-82a3ea00c91d"><ac:parameter ac:name="">Austin 00</ac:parameter></ac:structured-macro>
\[Austin 2000\] Calvin Austin and Monica Pawlan, [_Advanced Programming for the Java 2 Platform_ |http://java.sun.com/developer/onlineTraining/Programming/JDCBook/index.html#contents], Addison-Wesley Longman, Boston, 2000. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ce9bb76-e6c2-4dcf-a689-6663b636ca88"><ac:parameter ac:name="">Black 04</ac:parameter></ac:structured-macro>
\[Black 2004\] Paul E. Black and Paul J. Tanenbaum, partial order, in _Dictionary of Algorithms and Data Structures_ \[online\], Paul E. Black, ed., U.S. National Institute of Standards and Technology, December 17, 2004. (accessed TODAY) Available at [http://xlinux.nist.gov/dads/HTML/partialorder.html] |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3949f05-eb60-4394-af66-f417f297493e"><ac:parameter ac:name="">Black 06</ac:parameter></ac:structured-macro>
\[Black 2006\] Paul E. Black and Paul J. Tanenbaum, total order, in _Dictionary of Algorithms and Data Structures_ \[online\], Paul E. Black, ed., U.S. National Institute of Standards and Technology. March 30, 2006. (accessed TODAY) Available at [http://xlinux.nist.gov/dads/HTML/totalorder.html] |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3f64d6e8-64c9-4462-bb70-ff5f3d916d91"><ac:parameter ac:name="">Bloch 01</ac:parameter></ac:structured-macro>
\[Bloch 2001\] Joshua Bloch, _Effective Java: Programming Language Guide_, Addison-Wesley Professional, Boston, 2001. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1fc1ec05-d2bc-4687-bb2f-bce4a0a08710"><ac:parameter ac:name="">Bloch 05</ac:parameter></ac:structured-macro>
\[Bloch 2005a\] Joshua Bloch and Neal Gafter, _Javaâ„¢ Puzzlers: Traps, Pitfalls, and Corner Cases_, Addison-Wesley Professional, Boston, 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1595ad4c-e540-493a-acd6-ffe5cfc495aa"><ac:parameter ac:name="">Bloch 05b</ac:parameter></ac:structured-macro>
\[Bloch 2005b\] Joshua Bloch and Neal Gafter, [Yet More Programming Puzzlers|http://gceclub.sun.com.cn/java_one_online/2005/TS-3738/], JavaOne Conference, 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca83fda0-22d9-439f-aaae-12ca59773852"><ac:parameter ac:name="">Bloch 07</ac:parameter></ac:structured-macro>
\[Bloch 2007\] Joshua Bloch, [Effective Javaâ„¢ Reloaded: This Time It's (Not) for Real|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2689.pdf], JavaOne Conference, 2007.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="92ffe41f-86be-490e-a402-6e6519e6ad90"><ac:parameter ac:name="">Bloch 08</ac:parameter></ac:structured-macro> |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="319745a3-c736-4f96-aee5-eb5c7ad51696"><ac:parameter ac:name="">Bloch 08</ac:parameter></ac:structured-macro>
\[Bloch 2008\] Joshua Bloch, _Effective Java_, 2nd ed., Addison-Wesley Professional, Boston, 2008. |
...
Wiki Markup |
---|
\[Bloch 2009\] Joshua Bloch and Neal Gafter, [Return of the Puzzlers: Schlock and Awe|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-5186.pdf], JavaOne Conference, 2009. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e2c1cdd-2262-4566-a99f-f7be8b84a2db"><ac:parameter ac:name="">Boehm 05</ac:parameter></ac:structured-macro>
\[Boehm 2005\] Hans-J. Boehm, Finalization, Threads, and the Javaâ„¢ Technology-Based Memory Model, JavaOne Conference, 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="afac8d0d-010d-4fdb-b1bc-2e00eb380cd7"><ac:parameter ac:name="">Campione 96</ac:parameter></ac:structured-macro>
\[Campione 1996\] Mary Campione and Kathy Walrath, [_The Java Tutorial: Object-Oriented Programming for the Internet_|http://www.telecom.ntua.gr/HTML.Tutorials/index.html], Addison-Wesley, Reading, MA, 1996. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5329b2a7-e634-4d75-bb2e-1a386e122fe5"><ac:parameter ac:name="">CCITT 88</ac:parameter></ac:structured-macro>
\[CCITT 1988\] CCITT. _CCITT Blue Book_, Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework, International Telecommunication Union, Geneva, 1988. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b03efaf3-8c8f-4567-96a8-9a9a98a2c164"><ac:parameter ac:name="">Chan 99</ac:parameter></ac:structured-macro>
\[Chan 1999\] Patrick Chan, Rosanna Lee, and Douglas Kramer, _The Java Class Libraries: Supplement for the Java 2 Platform_, v1.2, 2nd ed., Volume 1, Prentice Hall, Upper Saddle River, NJ, 1999. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="35cce82f-5d2b-4e60-b912-a0ff1c3435c3"><ac:parameter ac:name="">Chess 07</ac:parameter></ac:structured-macro>
\[Chess 2007\] Brian Chess and Jacob West, _Secure Programming with Static Analysis_, Addison-Wesley Professional, Boston, MA, 2007. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0b0bcf18-8628-4ec8-80d7-ecf5d2fe1330"><ac:parameter ac:name="">Christudas 05</ac:parameter></ac:structured-macro>
\[Christudas 2005\] [Internals of Java Class Loading|http://www.onjava.com/pub/a/onjava/2005/01/26/classloading.html], ONJava, 2005.
Available at http://onjava.com/pub/a/onjava/2005/01/26/classloading.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b1315cc-3460-41a2-9c73-f3d8d02b1174"><ac:parameter ac:name="">Cohen 81</ac:parameter></ac:structured-macro>
\[Cohen 1981\] [On Holy Wars and a Plea for Peace|http://dx.doi.org/10.1109/C-M.1981.220208], _IEEE Computer_, Volume 14, Issue 10, 1981. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b640cb17-f9a7-4df6-bfeb-61a7340aa48c"><ac:parameter ac:name="">Conventions 09</ac:parameter></ac:structured-macro>
\[Conventions 2009\] [Code Conventions for the Java Programming Language|http://java.sun.com/docs/codeconv/], Sun Microsystems, 2009.
Available at http://www.oracle.com/technetwork/java/codeconv-138413.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b5cdbf0-7d36-4bfe-b088-bd4290e1df47"><ac:parameter ac:name="">CVE 11</ac:parameter></ac:structured-macro>
\[CVE 2011\] Common Vulnerabilities and Exposures, MITRE Corporation, 2011. Available at http://cve.mitre.org. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4d7ff8e-ca71-429c-a326-11bd86f13237"><ac:parameter ac:name="">Coomes 07</ac:parameter></ac:structured-macro>
\[Coomes 2007\] John Coomes, Peter Kessler, and Tony Printezis, [Garbage Collection-Friendly Programming|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2906.pdf], Java SE Garbage Collection Group, Sun Microsystems, JavaOne Conference, 2007. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6ec1013e-b8a3-4b8c-8be9-52d5983b7ebd"><ac:parameter ac:name="">Core Java 04</ac:parameter></ac:structured-macro>
\[Core Java 2004\] Cay S. Horstmann and Gary Cornell, _Core Javaâ„¢ 2 Volume I - Fundamentals_, 7th ed., Prentice Hall PTR, Boston, 2004. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d740f1db-5411-4c32-a8d4-8a425ec93c5c"><ac:parameter ac:name="">Cunningham 95</ac:parameter></ac:structured-macro>
\[Cunningham 1995\] Ward Cunningham, The CHECKS Pattern Language of Information Integrity, in _Pattern Languages of Program Design_, James O Coplien and Douglas C Schmidt (eds.), Addison-Wesley Professional, Reading, MA, 1995. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a5e18d4-f5a1-4543-b271-6a221c2c323d"><ac:parameter ac:name="">Daconta 00</ac:parameter></ac:structured-macro>
\[Daconta 2000\] Michael C. Daconta, [When Runtime.exec() Won't|http://www.javaworld.com/javaworld/jw-12-2000/jw-1229-traps.html], JavaWorld.com, 2000. Available at http://www.javaworld.com/javaworld/jw-12-2000/jw-1229-traps.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a474bcc8-8b9c-4f42-9fa6-4cf4714aae15"><ac:parameter ac:name="">Daconta 03</ac:parameter></ac:structured-macro>
\[Daconta 2003\] Michael C. Daconta, Kevin T. Smith, Donald Avondolio and W. Clay Richardson, _More Java Pitfalls_, Wiley Publishing, New York, 2003. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d5d6e61-b114-4a29-bd83-81e621aaaf46"><ac:parameter ac:name="">Darwin 04</ac:parameter></ac:structured-macro>
\[Darwin 2004\] Ian F. Darwin, _Java Cookbook_, O'Reilly, Sebastopol, CA, 2004. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="31b0eb85-3af3-495e-9cdb-93bd146ba1e0"><ac:parameter ac:name="">Davis 08</ac:parameter></ac:structured-macro>
\[Davis 2008a\] Mark Davis and Martin Dürst, [Unicode Standard Annex #15, Unicode Normalization Forms|http://unicode.org/reports/tr15/], 2008. Available at http://unicode.org/reports/tr15/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0affedd1-6bdf-4dc2-9563-f6e9ffccf77c"><ac:parameter ac:name="">Davis 08b</ac:parameter></ac:structured-macro>
\[Davis 2008b\] Mark Davis and Michel Suignard, [Unicode Technical Report #36, Unicode Security Considerations|http://www.unicode.org/reports/tr36/], 2008. Available at http://unicode.org/reports/tr36/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0d897499-0770-43b9-aaae-359dbbd8e953"><ac:parameter ac:name="">Dennis 1966</ac:parameter></ac:structured-macro>
\[Dennis 1966\] Jack B. Dennis and Earl C. Van Horn, Programming Semantics for Multiprogrammed Computations, _Communications of the ACM_ Volume 9, Issue 3, March 1966, pp. 143-155, DOI=10.1145/365230.365252 [http://doi.acm.org/10.1145/365230.365252]. Available at http://doi.acm.org/10.1145/365230.365252. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8ae21b40-d644-4148-8353-c4bfbaa30eaa"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro>
\[DHS 2006\] [Build Security In|https://buildsecurityin.us-cert.gov/], U.S. Department of Homeland Security, 2006. Available at https://buildsecurityin.us-cert.gov/bsi/home.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="84d8fec9-ef8d-4ae3-ab6b-5b0f53243c4e"><ac:parameter ac:name="">Dormann 08</ac:parameter></ac:structured-macro>
\[Dormann 2008\] Will Dormann, [Signed Java Applet Security: Worse than ActiveX?|http://www.cert.org/blogs/vuls/2008/06/signed_java_security_worse_tha.html], CERT Vulnerability Analysis Blog, 2008. Available at http://www.cert.org/blogs/certcc/2008/06/signed_java_security_worse_tha.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1bcfc384-b61f-4817-94ca-303f1dae3fa8"><ac:parameter ac:name="">Doshi 03</ac:parameter></ac:structured-macro>
\[Doshi 2003\] Gunjan Doshi, [Best Practices for Exception Handling|http://www.onjava.com/pub/a/onjava/2003/11/19/exceptions.html], ONJava.com, 2003. Available at http://onjava.com/pub/a/onjava/2003/11/19/exceptions.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3d2b8d17-f9fd-4e86-8e89-7209809c6156"><ac:parameter ac:name="">Dougherty 2009</ac:parameter></ac:structured-macro>
\[Dougherty 2009\] Chad Dougherty, Kirk Sayre, Robert C. Seacord, David Svoboda, and Kazuya Togashi, [_Secure Design Patterns_|http://www.sei.cmu.edu/library/abstracts/reports/09tr010.cfm], CMU/SEI-2009-TR-010, Defense Technical Information Center, Ft. Belvoir, VA, 2009. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c8e54617-f51c-4caa-ab16-29040640d114"><ac:parameter ac:name="">Eclipse 08</ac:parameter></ac:structured-macro>
\[Eclipse 2008\] The Eclipse Platform, 2008. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0007d0bf-74e8-4631-931d-94242d21ffbd"><ac:parameter ac:name="">Encodings 06</ac:parameter></ac:structured-macro>
\[Encodings 2006\] [Supported Encodings|http://java.sun.com/javase/6/docs/technotes/guides/intl/encoding.doc.html], Sun Microsystems, 2006. Available at http://download.oracle.com/javase/6/docs/technotes/guides/intl/encoding.doc.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="de86bd4a-c6b5-488c-a2d0-23ab84a4eff6"><ac:parameter ac:name="">EMA 2011</ac:parameter></ac:structured-macro>
\[EMA 2011\] [Java SE 6 Documentation, Extension Mechanism Architecture|http://download.oracle.com/javase/6/docs/technotes/guides/extensions/spec.html], Sun Microsystems, 2011. Available at http://download.oracle.com/javase/6/docs/technotes/guides/extensions/spec.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c0b5867-f99e-40e2-8d32-2e014e7debc2"><ac:parameter ac:name="">Enterprise 03</ac:parameter></ac:structured-macro>
\[Enterprise 2003\] The O'Reilly Java Authors, _Java Enterprise Best Practices_, O'Reilly, Sebastopol, CA, 2003. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2719d04-edca-465b-a350-659fddec1125"><ac:parameter ac:name="">ESA 05</ac:parameter></ac:structured-macro>
\[ESA 2005\] [Java Coding Standards|ftp://ftp.estec.esa.nl/pub/wm/wme/bssc/Java-Coding-Standards-20050303-releaseA.pdf], prepared by European Space Agency (ESA) Board for Software Standardisation and Control (BSSC), 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c264ebd-8804-487a-8abd-5000efaf6e32"><ac:parameter ac:name="">Fairbanks 07</ac:parameter></ac:structured-macro>
\[Fairbanks 2007\] [_Design Fragments_|http://reports-archive.adm.cs.cmu.edu/anon/isri2007/abstracts/07-108.html], Defense Technical Information Center, Ft. Belvoir, VA, 2007. Available at http://reports-archive.adm.cs.cmu.edu/anon/isri2007/abstracts/07-108.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5bd3e7e2-da70-4f3d-8289-284d9ef7927e"><ac:parameter ac:name="">FindBugs 08</ac:parameter></ac:structured-macro>
\[FindBugs 2008\] [FindBugs Bug Descriptions|http://findbugs.sourceforge.net/bugDescriptions.html], 2008. Available at http://findbugs.sourceforge.net. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2e5c26ac-682b-4f6e-9752-4926f0a33389"><ac:parameter ac:name="">Fisher 03</ac:parameter></ac:structured-macro>
\[Fisher 2003\] Maydene Fisher, Jon Ellis, and Jonathan Bruce, _JDBC API Tutorial and Reference_, 3rd ed., Addison-Wesley, Boston, MA, 2003. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bd37b394-3595-4696-8ca8-3456bb8ee292"><ac:parameter ac:name="">Flanagan 05</ac:parameter></ac:structured-macro>
\[Flanagan 2005\] David Flanagan, _Java in a Nutshell_, 5th ed., O'Reilly, Sebastopol, CA, 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="154dad17-ce75-4bbb-86cd-36f33f0d9b6c"><ac:parameter ac:name="">Forman 05</ac:parameter></ac:structured-macro>
\[Forman 05\] Ira R. Forman and Nate Forman, _Java Reflection in Action_, Manning Publications, Greenwich, CT, 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0bd3ff5b-b42d-48a2-9d85-37ebd68b5d19"><ac:parameter ac:name="">Fortify 08</ac:parameter></ac:structured-macro>
\[Fortify 2008\] [A Taxonomy of Coding Errors that Affect Security|http://www.fortify.com/vulncat/en/vulncat/index.html], Java/JSP, Fortify Software, 2008. Available at https://www.fortify.com/vulncat/en/vulncat/index.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2f47eb2-a878-4b78-a84b-611fcd4cde1c"><ac:parameter ac:name="">Fox 01</ac:parameter></ac:structured-macro>
\[Fox 2001\] Joshua Fox, When is a Singleton Not a Singleton?, Sun Developer Network, 2001. Available at http://www.javaworld.com/javaworld/jw-01-2001/jw-0112-singleton.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eee47883-6e35-41d2-9325-4971b102e8dc"><ac:parameter ac:name="">FT 08</ac:parameter></ac:structured-macro>
\[FT 2008\] [Function Table|http://www.stylusstudio.com/api/xalan-j_2_6_0/org/apache/xpath/compiler/FunctionTable.htm] Class FunctionTable, Field detail, public static FuncLoader m_functions, 2008. Available at http://www.stylusstudio.com/api/xalan-j_2_6_0/org/apache/xpath/compiler/FunctionTable.htm. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca33de9b-2a3e-443c-a5cd-477a92bbbaae"><ac:parameter ac:name="">Gafter 06</ac:parameter></ac:structured-macro>
\[Gafter 2006\] Neal Grafter, [Neal Gafter's blog|http://gafter.blogspot.com/], 2006. Available at http://gafter.blogspot.com. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="63d59b38-db06-4da6-b34e-7635e1f40138"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>
\[Gamma 1995\] Erich Gamma, Richard Helm, Ralph Johnson, and John M. Vlissides, _Design Patterns: Elements of Reusable Object-Oriented Software_, Addison-Wesley Professional, Boston, MA, 1995. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8788be27-fcf2-4c5a-9206-4cc18db0817f"><ac:parameter ac:name="">Garfinkel 96</ac:parameter></ac:structured-macro>
\[Garfinkel 1996\] Simson Garfinkel and Gene Spafford, _Practical UNIX & Internet Security_, 2nd ed., O'Reilly, Sebastopol, CA, 1996. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="54908e74-818e-422a-bf3d-a6399b399423"><ac:parameter ac:name="">Garms 01</ac:parameter></ac:structured-macro>
\[Garms 2001\] Jess Garms and Daniel Somerfield, _Professional Java Security_, Wrox Press, Chicago, 2001. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="995c4c8c-3ba4-4610-b050-c41061fe1378"><ac:parameter ac:name="">Goetz 02</ac:parameter></ac:structured-macro>
\[Goetz 2002\] Brian Goetz, [Java Theory and Practice: Don't Let the "this" Reference Escape during Construction|http://www.ibm.com/developerworks/java/library/j-jtp0618.html], IBM developerWorks (Java technology), 2002. Available at http://www.ibm.com/developerworks/java/library/j-jtp0618/index.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b480088-5dee-46b8-8576-52ae726f3478"><ac:parameter ac:name="">Goetz 04</ac:parameter></ac:structured-macro>
\[Goetz 2004a\] Brian Goetz, [Java Theory and Practice: Garbage Collection and Performance|http://www.ibm.com/developerworks/java/library/j-jtp01274.html], IBM developerWorks (Java technology), 2004. Available at http://www.ibm.com/developerworks/java/library/j-jtp01274/index.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f10e585b-1ccb-4bd1-af67-4e27fa874fe0"><ac:parameter ac:name="">Goetz 04b</ac:parameter></ac:structured-macro>
\[Goetz 2004b\] Brian Goetz,[Java Theory and Practice: The Exceptions Debate: To Check, or Not to Check?|http://www.ibm.com/developerworks/library/j-jtp05254.html], IBM developerWorks (Java technology), 2004. Available at http://www.ibm.com/developerworks/java/library/j-jtp05254/index.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3b5d7ac-2ad0-41f8-9e72-5c39b691c277"><ac:parameter ac:name="">Goetz 04c</ac:parameter></ac:structured-macro>
\[Goetz 2004c\] Brian Goetz, [Java Theory and Practice: Going Atomic|http://www.ibm.com/developerworks/java/library/j-jtp11234/], IBM developerWorks (Java technology), 2004. Available at http://www.ibm.com/developerworks/java/library/j-jtp11234/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ef064a2f-d7c9-4009-8b17-f2c68c8b2c43"><ac:parameter ac:name="">Goetz 05</ac:parameter></ac:structured-macro>
\[Goetz 2005a\] Brian Goetz, [Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners|http://www.ibm.com/developerworks/java/library/j-jtp07265/index.html], IBM developerWorks (Java technology), 2005. Available at http://www.ibm.com/developerworks/java/library/j-jtp07265/index.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6dbcb6ce-c4c2-4be9-aa84-20f5efc03c15"><ac:parameter ac:name="">Goetz 05b</ac:parameter></ac:structured-macro>
\[Goetz 2005b\] Brian Goetz, [Java Theory and Practice: Plugging Memory Leaks with Weak References|http://www.ibm.com/developerworks/java/library/j-jtp11225/], IBM developerWorks (Java technology), 2005. Available at http://www.ibm.com/developerworks/java/library/j-jtp11225/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10769927-150f-49a2-8987-1d5f65f215f0"><ac:parameter ac:name="">Goetz 06</ac:parameter></ac:structured-macro>
\[Goetz 2006a\] Brian Goetz, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea, _Java Concurrency in Practice_, Addison-Wesley Professional, Boston, MA, 2006. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dc385fa0-0bed-46ab-9b77-999441f883d0"><ac:parameter ac:name="">Goetz 06b</ac:parameter></ac:structured-macro>
\[Goetz 2006b\] Brian Goetz, [Java Theory and Practice: Good Housekeeping Practices|http://www.ibm.com/developerworks/java/library/j-jtp03216.html], IBM developerWorks (Java technology), 2006. Available at http://www.ibm.com/developerworks/java/library/j-jtp03216/index.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="67ce729e-a779-4771-8e7f-2efc48cd822a"><ac:parameter ac:name="">Goetz 07</ac:parameter></ac:structured-macro>
\[Goetz 2007\] Brian Goetz, [Java Theory and Practice: Managing Volatility, Guidelines for Using Volatile Variables|http://www.ibm.com/developerworks/java/library/j-jtp06197.html], IBM developerWorks (Java technology), 2006. Available at http://www.ibm.com/developerworks/java/library/j-jtp06197/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ab6368d0-0f71-4591-82a5-6c77926c759a"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>
\[Goldberg 1991\] David Goldberg, [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html], Sun Microsystems, March 1991. Available at http://download.oracle.com/docs/cd/E19957-01/806-3568/ncg_goldberg.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="07438d54-1ad6-4ba2-aa40-28d5849716b3"><ac:parameter ac:name="">Gong 03</ac:parameter></ac:structured-macro>
\[Gong 2003\] Li Gong, Gary Ellison, and Mary Dageforde, _Inside Java 2 Platform Security: Architecture, API Design, and Implementation_, 2nd ed., Prentice Hall, Boston, MA, 2003. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4e8e92d-f7a4-466d-b5e8-04294b59e17e"><ac:parameter ac:name="">Grand 02</ac:parameter></ac:structured-macro>
\[Grand 2002\] Mark Grand, _Patterns in Java_, Volume 1, 2nd ed., Wiley, New York, 2002. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f2d7260e-473c-4244-85b1-c66e199fb782"><ac:parameter ac:name="">Greanier 00</ac:parameter></ac:structured-macro>
\[Greanier 2000\] Todd Greanier, [Discover the Secrets of the Java Serialization API|http://java.sun.com/developer/technicalArticles/Programming/serialization/], Sun Developer Network (SDN), 2000. Available at http://java.sun.com/developer/technicalArticles/Programming/serialization/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e2963426-7570-4a2c-ab0c-9ef9e86f1c1f"><ac:parameter ac:name="">Green 08</ac:parameter></ac:structured-macro>
\[Green 2008\] Roedy Green, [Canadian Mind Products Java & Internet Glossary|http://mindprod.com/jgloss/jgloss.html], 2008. Available at http://mindprod.com/jgloss/jgloss.html. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="44d15965-9d83-48df-b0f1-ebf5372d0756"><ac:parameter ac:name="">Grigg 06</ac:parameter></ac:structured-macro>
\[Grigg 2006\] Jeffery Grigg, [Reflection On Inner Classes|http://www.c2.com/cgi/wiki?ReflectionOnInnerClasses], 2006. Available at http://www.c2.com/cgi/wiki?ReflectionOnInnerClasses |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="af3fee31-09a8-4686-b59c-efbd02b35ca7"><ac:parameter ac:name="">Grosso 01</ac:parameter></ac:structured-macro>
\[Grosso 2001\] William Grosso, [Java RMI|http://oreilly.com/catalog/javarmi/chapter/ch10.html], O'Reilly, Sebastopol, CA, 2001. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e46dc3ab-ade6-45c9-9dcb-664dbadd7c2d"><ac:parameter ac:name="">Gupta 05</ac:parameter></ac:structured-macro>
\[Gupta 2005\] Satish Chandra Gupta and Rajeev Palanki, [Java Memory Leaks - Catch Me If You Can|http://www.ibm.com/developerworks/rational/library/05/0816_GuptaPalanki/], 2005. Available at http://www.ibm.com/developerworks/rational/library/05/0816_GuptaPalanki/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e19d3990-15f9-41c6-8aa8-28a93631b04e"><ac:parameter ac:name="">Haack 06</ac:parameter></ac:structured-macro>
\[Haack 2006\] Christian Haack, Erik Poll, Jan Schafer and Aleksy Schubert, [Immutable Objects in Java|https://pms.cs.ru.nl/iris-diglib/src/getContent.php?id=2006-Haack-ObjectsImmutable], 2006. Available at https://pms.cs.ru.nl/iris-diglib/src/getContent.php?id=2006-Haack-ObjectsImmutable. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4fa26876-0408-494f-841d-ee20c799d9f5"><ac:parameter ac:name="">Haggar 00</ac:parameter></ac:structured-macro>
\[Haggar 2000\] Peter Haggar, _Practical Javaâ„¢ Programming Language Guide_, Addison-Wesley Professional, Boston, MA, 2000. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7d1fc356-1866-4057-9db3-2158c336064e"><ac:parameter ac:name="">Halloway 00</ac:parameter></ac:structured-macro>
\[Halloway 2000\] Stuart Halloway, [Java Developer Connection Tech Tips|http://java.sun.com/developer/TechTips/2000/tt0328.html], March 28, 2000. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0592f5f3-877b-476a-a61b-4220e614a95e"><ac:parameter ac:name="">Halloway 01</ac:parameter></ac:structured-macro>
\[Halloway 2001\] Stuart Halloway, [Java Developer Connection Tech Tips|http://java.sun.com/developer/JDCTechTips/2001/tt0130.html], January 30, 2001. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e9cc1d2a-ad47-44e8-8faa-30047800edf4"><ac:parameter ac:name="">Harold 97</ac:parameter></ac:structured-macro>
\[Harold 1997\] Elliotte Rusty Harold, _Java Secrets_, Wiley, New York, 1997. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f3e3ac29-9064-4701-b1fa-02adfe6a0ba9"><ac:parameter ac:name="">Harold 99</ac:parameter></ac:structured-macro>
\[Harold 1999\] Elliotte Rusty Harold, _Java I/O_, O'Reilly, Sebastopol, CA, 1999. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f276d85-4ac6-4833-a3c9-9190adc0f4ae"><ac:parameter ac:name="">Harold 06</ac:parameter></ac:structured-macro>
\[Harold 2006\] Elliotte Rusty Harold, _Java I/O_, 2nd ed., O'Reilly, Sebastopol, CA, 2006. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="763d27a3-e825-41c3-a6d9-fead16bb2f13"><ac:parameter ac:name="">Hawtin 08</ac:parameter></ac:structured-macro>
\[Hawtin 2008\] Thomas Hawtin, [Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities|http://www.makeitfly.co.uk/Presentations/london-securecoding.pdf], Sun Microsystems, Make it Fly 2008, London. 2008. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7bd98319-a146-41bf-a864-a671c77c130d"><ac:parameter ac:name="">Heffley 2004</ac:parameter></ac:structured-macro>
\[Heffley 2004\] J. Heffley and P. Meunier, Can Source Code Auditing Software Identify Common Vulnerabilities and Be Used to Evaluate Software Security? _Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS’04)_, Track 9, Volume 9, IEEE Computer Society, January 2004. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0d2f1514-b960-4f9a-a9d0-1f4fc0d5c0d5"><ac:parameter ac:name="">Henney 03</ac:parameter></ac:structured-macro>
\[Henney 2003\] Kevlin Henney, [Null Object, Something for Nothing|http://www.two-sdg.demon.co.uk/curbralan/papers/europlop/NullObject.pdf], 2003. Available at http://www.two-sdg.demon.co.uk/curbralan/papers/europlop/NullObject.pdf. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8d06a3bb-622b-4bad-a7bf-0268beb18cd3"><ac:parameter ac:name="">Hitchens 02</ac:parameter></ac:structured-macro>
\[Hitchens 2002\] Ron Hitchens, _Javaâ„¢ NIO_, O'Reilly, Sebastopol, CA, 2002. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6171a00-dd46-4488-9ae6-2aa4f72efb0e"><ac:parameter ac:name="">Hornig 07</ac:parameter></ac:structured-macro>
\[Hornig 2007\] Charles Hornig, [Advanced Javaâ„¢ Globalization|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2873.pdf],JavaOne Conference, 2007. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0b1432a0-0de5-4b5a-bddc-6071abf167e4"><ac:parameter ac:name="">Hovemeyer 07</ac:parameter></ac:structured-macro>
\[Hovemeyer 2007\] David Hovemeyer and William Pugh, Finding More Null Pointer Bugs, But Not Too Many, _Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program Analysis for Software Tools and Engineering_, 2007. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3f79c729-1165-45ee-8166-169cc10cbaeb"><ac:parameter ac:name="">Howard 02</ac:parameter></ac:structured-macro>
\[Howard 2002\] Michael Howard and David C. LeBlanc, [_Writing Secure Code_|http://www.microsoft.com/mspress/books/5957.aspx], 2nd ed., Microsoft Press, Redmond, WA, 2002. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7ac2dba3-9446-42af-96b6-5a7a73ca78ef"><ac:parameter ac:name="">Hunt 98</ac:parameter></ac:structured-macro>
\[Hunt 1998\] J. Hunt and F. Long, Java's Reliability: An Analysis of Software Defects in Java, _Software IEEE Proceedings_, 1998. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="828b895a-28eb-4c94-a7c7-d37ddb2f35f3"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>
\[IEC 60812 2006\] _Analysis Techniques for System Reliability - Procedure for Failure Mode and Effects Analysis (FMEA)_, 2nd ed., International Electrotechnical Commission, Geneva, 2006. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9bf71fd-3f65-4d3b-84cb-b39ec3fe9d8d"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro>
\[IEEE 754 2006\] IEEE, [Standard for Binary Floating-Point Arithmetic|http://grouper.ieee.org/groups/754/] (IEEE 754-1985), 2006. Available at http://grouper.ieee.org/groups/754/. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="612368ed-ca55-4ec5-bc4d-2816a0b2e2e7"><ac:parameter ac:name="">ISO/IEC TR 24772-2010</ac:parameter></ac:structured-macro>
\[ISO/IEC TR 24772:2010\] ISO/IEC TR 24772. _Information Technology_ --- _Programming Languages_ --- _Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use_, October 2010. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="92a28092-de6d-4384-9842-e2ac763f476f"><ac:parameter ac:name="">J2SE 00</ac:parameter></ac:structured-macro>
\[J2SE 2000\] Javaâ„¢ 2 SDK, Standard Edition Documentation, Sun Microsystems, [J2SE Documentation version 1.3|http://java.sun.com/j2se/1.3/docs/guide/], Sun Microsystems, 2000. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="87c05124-e484-48f6-a3b7-837ca3633699"><ac:parameter ac:name="">J2SE 11</ac:parameter></ac:structured-macro>
\[J2SE 2011\] Javaâ„¢ SE 7 Documentation, [J2SE Documentation version 1.7|http://download.java.net/jdk7/docs/], Oracle Corp., 2011. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="415ddef7-cb2d-412f-bbb1-b91be7a4d4bc"><ac:parameter ac:name="">JarSpec 08</ac:parameter></ac:structured-macro>
\[JarSpec 2008\] J2SE Documentation version 1.5, [Jar File Specification|http://java.sun.com/j2se/1.5.0/docs/guide/jar/jar.html], Sun Microsystems, 2000. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9a7ec460-47de-490f-bfa2-2115a09eb38c"><ac:parameter ac:name="">Java 06</ac:parameter></ac:structured-macro>
\[Java 2006\] [Java - The Java Application Launcher|http://java.sun.com/javase/6/docs/technotes/tools/windows/java.html], Sun Microsystems, 2006. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0b913467-c6b9-489d-98c3-a3931d3ddb28"><ac:parameter ac:name="">Java2NS 99</ac:parameter></ac:structured-macro>
\[Java2NS 1999\] Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani, _Java 2 Network Security_, Prentice Hall, Upper Saddle River, NJ, 1999. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc58a3ce-4292-4cb3-aedc-195aaa713cef"><ac:parameter ac:name="">JavaGenerics 04</ac:parameter></ac:structured-macro>
\[JavaGenerics 2004\] Oracle, [Generics|http://java.sun.com/j2se/1.5.0/docs/guide/language/generics.html]\], Sun Microsystems, 2004. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="389055ea-c458-41c6-808a-1689d5ad266f"><ac:parameter ac:name="">JavaThreads 99</ac:parameter></ac:structured-macro>
\[JavaThreads 1999\] Scott Oaks and Henry Wong, _Java Threads_, 2nd ed., O'Reilly, Sebastopol, CA, 1999. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0e845500-d291-4dee-aae7-578006be527d"><ac:parameter ac:name="">JavaThreads 04</ac:parameter></ac:structured-macro>
\[JavaThreads 2004\] Scott Oaks and Henry Wong, _Java Threads_, 3rd ed., O'Reilly, Sebastopol, CA, 2004. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="60cee9eb-0064-4a48-8ecf-4d104af09551"><ac:parameter ac:name="">JDK7 08</ac:parameter></ac:structured-macro>
\[JDK7 2008\] [Javaâ„¢ Platform, Standard Edition 7 documentation|http://download.java.net/jdk7/docs/], Sun Microsystems, December 2008. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ca56598-ea67-4961-8ddc-567ce6b34d86"><ac:parameter ac:name="">JLS 05</ac:parameter></ac:structured-macro>
\[JLS 2005\] James Gosling, Bill Joy, Guy Steele, and Gilad Bracha, [_Java Language Specification_\|http://java.sun.com/docs/books/jls/index.html], 3rd ed., Prentice Hall, Upper Saddle River, NJ, 2005. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="563467c2-2a2d-46ae-a8e6-645bec9edf7b"><ac:parameter ac:name="">JMX 06</ac:parameter></ac:structured-macro>
\[JMX 2006\] [Monitoring and Management for the Java Platform|http://java.sun.com/javase/6/docs/technotes/guides/management/index.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="392b42c6-caea-4a8b-ac80-7ac43bcbc870"><ac:parameter ac:name="">JMXG 06</ac:parameter></ac:structured-macro>
\[JMXG 2006\] [Java SE Monitoring and Management Guide|http://java.sun.com/javase/6/docs/technotes/guides/management/toc.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="557959e4-8614-4e12-8a48-478c776b6678"><ac:parameter ac:name="">JNI 06</ac:parameter></ac:structured-macro>
\[JNI 2006\] [Java Native Interface|http://java.sun.com/javase/6/docs/technotes/guides/jni/index.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3a942c3d-e204-4cdd-9863-2ea99a144db7"><ac:parameter ac:name=""> Jovanovic 06</ac:parameter></ac:structured-macro>
\[Jovanovic 2006\] Nenad Jovanovic, Christopher Kruegel, Engin Kirda, [Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)|http://dx.doi.org/10.1109/SP.2006.29], Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), p.258-263, May 21-24 (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8251c37a-a7d9-498a-bcc5-e817e7ba7a0a"><ac:parameter ac:name="">JPDA 04</ac:parameter></ac:structured-macro>
\[JPDA 2004\] [Java Platform Debugger Architecture (JPDA)|http://java.sun.com/javase/6/docs/technotes/guides/jpda/index.html], Sun Microsystems, Inc. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f7a8876e-c5c0-4db8-b722-14a256967238"><ac:parameter ac:name="">JPL 06</ac:parameter></ac:structured-macro>
\[JPL 2006\] The Javaâ„¢ Programming Language, Fourth Edition, by Ken Arnold, James Gosling, David Holmes. Addison Wesley Professional. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="56ba4e34-2b0c-4dec-9469-f3609553e6b5"><ac:parameter ac:name="">JSR-133 04</ac:parameter></ac:structured-macro>
\[JSR-133 2004\] [JSR-133: Javaâ„¢ Memory Model and Thread Specification|http://www.cs.umd.edu/~pugh/java/memoryModel/jsr133.pdf]. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3ecb233-3eed-4a24-a106-69c9aca442c1"><ac:parameter ac:name="">JVMTI 06</ac:parameter></ac:structured-macro>
\[JVMTI 2006\] [Java Virtual Machine Tool Interface (JVM TI)|http://java.sun.com/javase/6/docs/technotes/guides/jvmti/index.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9f0b9720-28f5-4e8b-bc70-3926b9caeb44"><ac:parameter ac:name="">JVMSpec 99</ac:parameter></ac:structured-macro>
\[JVMSpec 1999\] [The Java Virtual Machine Specification|http://java.sun.com/docs/books/jvms/], Sun Microsystems, Inc. (1999) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="901c84b1-2209-43db-a93c-a9ca0ac7605e"><ac:parameter ac:name="">Kabanov 09</ac:parameter></ac:structured-macro>
\[Kabanov 2009\] [The Ultimate Java Puzzler|http://dow.ngra.de/2009/02/16/the-ultimate-java-puzzler/] by Jevgeni Kabanov, Core developer of JavaRebel. February 16th, 2009. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="21c2b6d9-77ee-4914-813d-58a2f779577b"><ac:parameter ac:name="">Kabutz 01</ac:parameter></ac:structured-macro>
\[Kabutz 2001\] The Java Specialists' Newsletter, by Dr. Heinz M. Kabutz. (2001) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e852dc4c-ed46-45b4-9df3-f16ca6b1ffb3"><ac:parameter ac:name="">Kalinovsky 04</ac:parameter></ac:structured-macro>
\[Kalinovsky 2004\] Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering, by Alex Kalinovsky. SAMS Publishing. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ee5a7918-3e39-4655-bcbf-cb2f2c65bbf9"><ac:parameter ac:name="">Knoernschild 01</ac:parameter></ac:structured-macro>
\[Knoernschild 2001\] Javaâ„¢ Design: Objects, UML, and Process, by Kirk Knoernschild. Addison-Wesley Professional. (2001) |
...
Wiki Markup |
---|
\[Lai 2008\] [Java Insecurity: Accounting for Subtleties That Can Compromise Code, by Charlie Lai, Sun Microsystems|http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4420062] (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d647eb3d-6e9d-44fa-82c5-46b253009211"><ac:parameter ac:name="">Langer 08</ac:parameter></ac:structured-macro>
\[Langer 2008\] [http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html|http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html], Angelica Langer. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="08c8f843-1765-42c8-94ba-ef2507c3ed71"><ac:parameter ac:name="">Lea 00</ac:parameter></ac:structured-macro>
\[Lea 2000\] Concurrent Programming in Java, 2nd edition, by Doug Lea. Addison Wesley, Sun Microsystems, Inc. (2000) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cecee1d8-7fb0-48c5-a0ed-28f5f2750364"><ac:parameter ac:name="">Lea 00b</ac:parameter></ac:structured-macro>
\[Lea 2000b\] [Correct and Efficient Synchronization of Javaâ„¢ Technology based Threads|http://www.cs.umd.edu/~pugh/java/memoryModel/TS-754.pdf], by Doug Lea and William Pugh. JavaOne Conference. (2000) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="45a77831-3621-4dae-bcaa-620c61e2b163"><ac:parameter ac:name="">Lea 08</ac:parameter></ac:structured-macro>
\[Lea 2008\] [The JSR-133 Cookbook for Compiler Writers|http://g.oswego.edu/dl/jmm/cookbook.html], by Doug Lea. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8a3821d8-8585-4f63-b93a-83f6513bf82f"><ac:parameter ac:name="">Lee 09</ac:parameter></ac:structured-macro>
\[Lee 2009\] [Robust and Scalable Concurrent Programming: Lessons from the Trenches|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4620.pdf], by Sangjin Lee, Mahesh Somani, & Debashis Saha, eBay Inc. JavaOne Conference. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f9792164-78b9-4861-9af4-4354ab3799f9"><ac:parameter ac:name="">Liang 97</ac:parameter></ac:structured-macro>
\[Liang 1997\] The Javaâ„¢ Native Interface, Programmer's Guide and Specification, by Sheng Liang. ADDISON-WESLEY. (1997) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f2d60852-a083-4ff8-ac75-0f18ec690107"><ac:parameter ac:name="">Liang 98</ac:parameter></ac:structured-macro>
\[Liang 1998\] [Dynamic Class Loading in the Javaâ„¢ Virtual Machine|http://portal.acm.org/citation.cfm?doid=286936.286945], by Sheng Liang and Gilad Bracha. Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications. (1998) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5526fb4c-6b70-4ee4-80ad-d7029c8a9e4d"><ac:parameter ac:name="">Lieberman 86</ac:parameter></ac:structured-macro>
\[Lieberman 1986\] [Using prototypical objects to implement shared behavior in object-oriented systems|http://portal.acm.org/citation.cfm?id=28718]. In: Conference proceedings on Object-oriented programming systems, languages and applications. Portland 1986, p. 214-223 ISSN 0362-1340, by Henry Lieberman, Massachusetts Institute of Technology. (1986) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1da5a378-674d-4e77-9dae-29c339c8af6d"><ac:parameter ac:name="">Lo 05</ac:parameter></ac:structured-macro>
\[Lo 2005\] [Security Issues in Garbage Collection|http://www.stsc.hill.af.mil/crosstalk/2005/10/0510DanLo.html], by Dr. Chia-Tien Dan Lo, University of Texas at San Antonio, Dr. Witawas Srisa-an, University of Nebraska at Lincoln, Dr. J. Morris Chang, Iowa State University. STSC Crosstalk, October 2005 issue. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5d1f877c-b9c9-4c03-b381-e33af42b2219"><ac:parameter ac:name="">Long 05</ac:parameter></ac:structured-macro>
\[Long 2005\] [Software Vulnerabilities in Java|http://www.sei.cmu.edu/publications/documents/05.reports/05tn044.html], by Fred Long, CMU/SEI-2005-TN-044. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6f285ca7-95f1-42f3-9367-04b409a23e86"><ac:parameter ac:name="">LSOD 02</ac:parameter></ac:structured-macro>
\[LSOD 02\] Last Stage of Delirium Research Group. Java and Java Virtual Machine Security. Poland: Last Stage of Delirium Research Group,
2002. [http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf]. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="01051151-aca1-4d7e-8917-364947caddd0"><ac:parameter ac:name="">Low 97</ac:parameter></ac:structured-macro>
\[Low 1997\] [Protecting Java Code via Obfuscation|http://www.cs.arizona.edu/~collberg/Research/Students/DouglasLow/obfuscation.html], by Douglas Low. (1997) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1bb142f5-a0b6-4aa3-9349-e60b69fe3d0d"><ac:parameter ac:name="">Macgregor 98</ac:parameter></ac:structured-macro>
\[Macgregor 1998\] Java Network Security, by Robert Macgregor, Dave Durbin, John Owlett and Andrew Yeomans. Prentice Hall. (1998) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dad7cf9f-d7bc-4461-b395-2535df909578"><ac:parameter ac:name="">Mahmoud 02</ac:parameter></ac:structured-macro>
\[Mahmoud 2002\] [Compressing and Decompressing Data Using Java APIs|http://java.sun.com/developer/technicalArticles/Programming/compression/], by Qusay H. Mahmoud. Oracle. (2002) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d08d9b2a-4bab-41ed-a39d-70c6b3de4b6f"><ac:parameter ac:name="">Mak 02</ac:parameter></ac:structured-macro>
\[Mak 2002\] Java Number Cruncher, The Java Programmer's Guide to Numerical Computing, by Ronald Mak. Prentice Hall. (2002) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="96cf2e8d-45fc-4d9a-8193-d5080c533ff8"><ac:parameter ac:name="">Manson 04</ac:parameter></ac:structured-macro>
\[Manson 2004\] [JSR 133 (Java Memory Model) FAQ|http://www.cs.umd.edu/~pugh/java/memoryModel/jsr-133-faq.html#finalRight], by Jeremy Manson and Brian Goetz. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="136bc32f-3a39-4a79-b939-fa3f5eb99956"><ac:parameter ac:name="">Manson 06</ac:parameter></ac:structured-macro>
\[Manson 2006\] [The Javaâ„¢ Memory Model: the building block of concurrency|http://developers.sun.com/learning/javaoneonline/2006/coreplatform/TS-1630.pdf], by Jeremy Manson and William Pugh, JavaOne Conference. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fcaffae8-9f1f-416e-b706-9c5810e423d4"><ac:parameter ac:name="">Martin 96</ac:parameter></ac:structured-macro>
\[Martin 1996\] [Granularity|http://www.objectmentor.com/resources/articles/granularity.pdf], by Robert C. Martin. (1996) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c9a1b48a-de47-4036-bcf6-9fc15784b88a"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro>
\[McCluskey 2001\] Java Developer Connection Tech Tips, by Glen McCluskey, April 10, 2001. (2001) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5caed238-394f-403f-8a7d-7dafa6f387a2"><ac:parameter ac:name="">McGraw 99</ac:parameter></ac:structured-macro>
\[McGraw 1999\] Securing Java, Getting Down to Business with Mobile Code, by Gary McGraw and Edward W. Felten. Wiley. (1999) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66d14947-a7e3-4c96-a27f-922984507dba"><ac:parameter ac:name="">Mcgraw 98</ac:parameter></ac:structured-macro>
\[McGraw 1998\] [Twelve rules for developing more secure Java code|http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules.html], Gary McGraw and Edward W. Felten, JavaWorld.com. (1998) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1cacdbae-3000-4296-bae5-5a28843ae31b"><ac:parameter ac:name="">Mettler 2010A</ac:parameter></ac:structured-macro>
\[Mettler 2010A\] A. Mettler, D. Wagner, and T. Close. Joe-E: A security-oriented subset of Java. In 17th Network & Distributed System Security Symposium, 2010. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ebbef956-9257-4589-83a9-d6a3c37b3687"><ac:parameter ac:name="">Mettler 2010B</ac:parameter></ac:structured-macro>
\[Mettler 2010B\] Adrian Mettler and David Wagner. 2010. Class properties for security review in an object-capability subset of Java: (short paper). In Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '10). ACM, New York, NY, USA, , Article 7 , 7 pages. DOI=10.1145/1814217.1814224 [http://doi.acm.org/10.1145/1814217.1814224] |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cd7a3149-dfc9-4c54-aeb8-bee8be242047"><ac:parameter ac:name="">Miller 09</ac:parameter></ac:structured-macro>
\[Miller 2009\] [Javaâ„¢ Platform Concurrency Gotchas|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4863.pdf], by Alex Miller, Terracotta. JavaOne Conference. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="93a1d7e7-0e16-4a08-8e4c-7349e6f52e8f"><ac:parameter ac:name="">MITRE 2011</ac:parameter></ac:structured-macro>
\[MITRE 2011\] [Common Weakness Enumeration|http://cwe.mitre.org/], MITRE Corporation. (2011) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b66366be-4531-42ab-99a6-a0632d134cc1"><ac:parameter ac:name="">Mocha 07</ac:parameter></ac:structured-macro>
\[Mocha 2007\] [Mocha, the Java Decompiler|http://www.brouhaha.com/~eric/software/mocha/] (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ee5fc608-4009-4723-9d36-626442afa749"><ac:parameter ac:name="">Monsch 06</ac:parameter></ac:structured-macro>
\[Monsch 2006\] [Ruining Security with java.util.Random|http://www.iplosion.com/papers/ruining_security_with_java.util.random_v1.0.p] Version 1.0, by Jan P. Monsch. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="24b15a86-01f5-4974-9d2a-2bc1d5f2c957"><ac:parameter ac:name="">MSDN 09</ac:parameter></ac:structured-macro>
\[MSDN 2009\] [Using SQL Escape Sequences|http://msdn.microsoft.com/en-us/library/ms378045(SQL.90).aspx], Microsoft Corporation. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bb786a1f-8a8a-46fe-9425-5e086cd1e892"><ac:parameter ac:name="">Muchow 01</ac:parameter></ac:structured-macro>
\[Muchow 2001\] [MIDlet Packaging with J2ME|http://www.onjava.com/pub/a/onjava/2001/04/26/midlet.html], by John W. Muchow (2001) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e6f34d3-762b-4e53-9640-72599e5e3872"><ac:parameter ac:name="">M&#xFC;ller 02</ac:parameter></ac:structured-macro>
\[Müller 2002\] [Exception Handling: Common Problems and Best Practice with Java 1.4|http://www.old.netobjectdays.org/pdf/02/papers/industry/1430.pdf] by Dr. Andreas Müller and Geoffrey Simmons, Sun Microsystems GmbH. (2002) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e85b5e37-d872-42f8-b45d-de2bf90328d9"><ac:parameter ac:name="">Naftalin 06</ac:parameter></ac:structured-macro>
\[Naftalin 2006\] Java Generics and Collections, Maurice Naftalin and Philip Wadler, O'Reilly (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b598e8fc-e7e8-41cd-a92b-9ccae502395f"><ac:parameter ac:name="">Naftalin 06b</ac:parameter></ac:structured-macro>
\[Naftalin 2006b\] [Javaâ„¢ Generics and Collections: Tools for Productivity|http://gceclub.sun.com.cn/java_one_online/2007/pdf/TS-2890.pdf], by Maurice Naftalin, Morningside Light Ltd, Philip Wadler, University of Edinburgh. JavaOne Conference (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a760fbaa-9bfa-4331-9b01-11b12c07340a"><ac:parameter ac:name="">Netzer 92</ac:parameter></ac:structured-macro>
\[Netzer 1992\] [What Are Race Conditions? Some Issues and Formalization|http://portal.acm.org/citation.cfm?id=130616.130623], by ROBERT H. B. NETZER and BARTON P. MILLER, University of Wisconsin --- Madison. (1992) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d878c0bc-553a-4a73-909e-ee75965082d7"><ac:parameter ac:name="">Neward 04</ac:parameter></ac:structured-macro>
\[Neward 2004\] Effective Enterprise Java, by Ted Neward. Addison Wesley Professional. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="40555339-adce-44d6-a428-77d9e7b4fcda"><ac:parameter ac:name="">Nisewanger 07</ac:parameter></ac:structured-macro>
\[Nisewanger 2007\] [Avoiding Antipatterns, by Jeff Nisewanger, JavaOne Conference|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2594.pdf] (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b03c1c28-e0e6-46cc-acf9-d278266f609c"><ac:parameter ac:name="">Nolan 04</ac:parameter></ac:structured-macro>
\[Nolan 2004\] Decompiling Java, by Godfrey Nolan, [Apress|http://www.apress.com/]. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dda21edd-0fdf-4085-8f77-38a309e22886"><ac:parameter ac:name="">Oaks 01</ac:parameter></ac:structured-macro>
\[Oaks 2001\] Java Security, by Scott Oaks. O'REILLY. (2001) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83ea4b16-6206-4be8-bd11-e9d00de5bdda"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>
\[Open Group 2004\] [The Open Group Base Specifications Issue 6|http://pubs.opengroup.org/onlinepubs/009695399/mindex.html]. The IEEE and The Open Group. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="43248e0e-395f-4bf4-8f6e-c0922aa5f375"><ac:parameter ac:name="">Oracle 10</ac:parameter></ac:structured-macro>
\[Oracle 2010a\] [Java SE 6 HotSpot\[tm\] Virtual Machine Garbage Collection Tuning|http://java.sun.com/javase/technologies/hotspot/gc/gc_tuning_6.html], Oracle Corporation. (2010) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8b3a766b-110f-4e91-aa4b-dd40bc4d158c"><ac:parameter ac:name="">OWASP 05</ac:parameter></ac:structured-macro>
\[OWASP 2005\] [A Guide to Building Secure Web Applications and Web Services|http://internap.dl.sourceforge.net/sourceforge/owasp/OWASPGuide2.0.1.pdf]. The Open Web Application Security Project. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a61135ad-b5c9-481a-95c5-09723e096251"><ac:parameter ac:name="">OWASP 07</ac:parameter></ac:structured-macro>
\[OWASP 2007\] [OWASP TOP 10 FOR JAVA EE|https://www.owasp.org/images/8/89/OWASP_Top_10_2007_for_JEE.pdf]. The Open Web Application Security Project. (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a7bbe5fb-5b25-4343-8d17-669fbd470eb0"><ac:parameter ac:name="">OWASP 08</ac:parameter></ac:structured-macro>
\[OWASP 2008\] [OWASP|http://www.owasp.org/index.php/Main_Page]. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="728acef1-154f-4daf-858e-635fcd02d450"><ac:parameter ac:name="">Permissions 08</ac:parameter></ac:structured-macro>
\[Permissions 2008\] [Permissions in the Javaâ„¢ SE 6 Development Kit (JDK)|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html], Sun Microsystems, Inc. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd6bb2fa-961d-43e4-b9c9-68fe6e911c88"><ac:parameter ac:name="">Philion 03</ac:parameter></ac:structured-macro>
\[Philion 2003\] [Beware the dangers of generic Exceptions|http://www.javaworld.com/javaworld/jw-10-2003/jw-1003-generics.html?page=2#sidebar1], by Paul Philion, JavaWorld.com. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9dae20dc-19a8-4aae-9b7e-355e4ae60c06"><ac:parameter ac:name="">Phillips 05</ac:parameter></ac:structured-macro>
\[Phillips 2005\] [Are We Counting Bytes Yet?|http://www.inter-locale.com/whitepaper/IUC27-a303.html] at the 27th Internationalization and Unicode Conference, by by Addison P. Phillips. webMethods, Inc. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1d899500-d831-4f2d-989a-f38c09f27aed"><ac:parameter ac:name="">Pistoia 04</ac:parameter></ac:structured-macro>
\[Pistoia 2004\] Enterprise Java Security: Building Secure J2EE Applications, by Marco Pistoia, Nataraj Nagaratnam, Larry Koved and Anthony Nadalin. Addison Wesley. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="365ef65f-3568-4071-ba1f-b6abcb201965"><ac:parameter ac:name="">Policy 02</ac:parameter></ac:structured-macro>
\[Policy 2002\] [Default Policy Implementation and Policy File Syntax|http://java.sun.com/javase/6/docs/technotes/guides/security/PolicyFiles.html], Document revision 1.6, Sun Microsystems, Inc. (2002) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="40d4ba9a-000c-406e-999c-1c6c5a030231"><ac:parameter ac:name="">Pugh 04</ac:parameter></ac:structured-macro>
\[Pugh 2004\] [The Java Memory Model (discussions reference)|http://www.cs.umd.edu/~pugh/java/memoryModel/] by William Pugh, Univ. of Maryland. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29edc5b6-99d6-4a96-a482-6e5458400d0c"><ac:parameter ac:name="">Pugh 08</ac:parameter></ac:structured-macro>
\[Pugh 2008\] [Defective Java Code: Turning WTF Code into a Learning Experience|http://developers.sun.com/learning/javaoneonline/2008/pdf/TS-6589.pdf?cid=925745], by William Pugh, Univ. of Maryland. JavaOne Conference. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3e6701ec-ee9d-4bfa-a85f-b390b62a1056"><ac:parameter ac:name="">Pugh 09</ac:parameter></ac:structured-macro>
\[Pugh 2009\] [Defective Java Code: Mistakes That Matter|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-5335.pdf], by William Pugh, Univ. of Maryland. JavaOne Conference. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e66bee91-4afc-41ff-a6b0-d96d5d56e8be"><ac:parameter ac:name="">Reasoning 03</ac:parameter></ac:structured-macro>
\[Reasoning 2003\] [Reasoning Inspection Service Defect Data Tomcat v 1.4.24|http://www.reasoning.com/pdf/Tomcat_Defect_Report.pdf], Reasoning. 14 Nov 2003. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c13772b-3f5c-4bf7-897f-f5bce1ddddf0"><ac:parameter ac:name="">Reflect 06</ac:parameter></ac:structured-macro>
\[Reflect 2006\] [Reflection|http://java.sun.com/javase/6/docs/technotes/guides/reflection/index.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7abf5551-a8ca-4057-b5e0-ff4c0a51af8c"><ac:parameter ac:name="">Rogue 00</ac:parameter></ac:structured-macro>
\[Rogue 2000\] [The Elements of Java Style|http://www.ambysoft.com/books/elementsJavaStyle.html], by Vermeulen, Ambler, Metz, Misfeldt, Shur, and Thompson. Cambridge University Press (2000) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88d5fdf4-74de-40d4-bac3-18da4d3bf8b1"><ac:parameter ac:name="">Rotem 08</ac:parameter></ac:structured-macro>
\[Rotem 2008\] [Fallacies of Distributed Computing Explained|http://www.rgoarchitects.com/Files/fallacies.pdf], by Arnon Rotem-Gal-Oz. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="93a1dc8d-5067-4547-a79a-4d734f57b854"><ac:parameter ac:name="">Roubtsov 03</ac:parameter></ac:structured-macro>
\[Roubtsov 2003\] [Breaking Java exception-handling rules is easy|http://www.javaworld.com/javaworld/javaqa/2003-02/02-qa-0228-evilthrow.html], by Vladimir Roubtsov, JavaWorld.com. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d660963a-e32e-4cdd-8205-05246322eba9"><ac:parameter ac:name="">Roubtsov 03b</ac:parameter></ac:structured-macro>
\[Roubtsov 2003b\] [Into the mist of serialization myths|http://www.javaworld.com/javaworld/javaqa/2003-06/02-qa-0627-mythser.html?page=1], by Vladimir Roubtsov, JavaWorld.com. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f3a43ec-d352-4403-88aa-d5486b671115"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro>
\[Saltzer 1974\] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. _Communications of the ACM 17_, 7 (July 1974): 388---402. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="73a65743-93e0-40b6-b58f-43a72bf8f2ef"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro>
\[Saltzer 1975\] Saltzer, J. H., & Schroeder, M. D. "The Protection of Information in Computer Systems." _Proceedings of the IEEE 63_, 9 (September 1975): 1278-1308. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ff98b273-91bc-4d8e-b3b7-803f0687a2d7"><ac:parameter ac:name="">SCG 09</ac:parameter></ac:structured-macro>
\[SCG 2009\] [Secure Coding Guidelines for the Java Programming Language, version 3.0|http://java.sun.com/security/seccodeguide.html], Sun Microsystems, Inc. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ed254dd0-cbb0-4e41-a573-4b146677108b"><ac:parameter ac:name="">Schildt 07</ac:parameter></ac:structured-macro>
\[Schildt 2007\] Herb Schildt's Java Programming Cookbook, Herb Schildt, McGraw-Hill (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="afb807d3-d4a2-4351-8107-6ef5c64732dc"><ac:parameter ac:name="">Schneier 00</ac:parameter></ac:structured-macro>
\[Schneier 2000\] Secrets and Lies---Digital Security in a Networked World , by Bruce Schneier. ISBN 0-471-25311-1, John Wiley and Sons. (2000) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="18c447bb-d122-4e61-9178-02d701d06d19"><ac:parameter ac:name="">Schoenefeld 02</ac:parameter></ac:structured-macro>
\[Schönefeld 2002\] Schönefeld, Marc. “Security Aspects in Java Bytecode Engineering.†Blackhat Briefings 2002, Las Vegas, August 2002.
http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-schonefeld-java.ppt. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9bbef619-1129-42b3-bdd3-4101857386be"><ac:parameter ac:name="">Schoenefeld 04</ac:parameter></ac:structured-macro>
\[Schönefeld 2004\] Schönefeld, Marc. Java Vulnerabilities in Opera 7.54 BUGTRAQ Mailing List (bugtraq@securityfocus.com), Nov 2004. (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6bb9fcfc-7376-4b42-a1ea-9ed780b32944"><ac:parameter ac:name="">Schwarz 04</ac:parameter></ac:structured-macro>
\[Schwarz 2004\] [Avoiding Checked Exceptions|http://www.oreillynet.com/onjava/blog/2004/09/avoiding_checked_exceptions.html], by Don Schwarz, ONJava (2004) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b40ae2b-76dd-418c-afed-aaaae4b80851"><ac:parameter ac:name="">Schweisguth 03</ac:parameter></ac:structured-macro>
\[Schweisguth 2003\] [Java Tip 134: When catching exceptions, don't cast your net too wide|http://www.javaworld.com/javaworld/javatips/jw-javatip134.html?page=2], by Dave Schweisguth. Javaworld.com. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="066bc2cb-112c-43c0-8802-fa4f06549cc1"><ac:parameter ac:name="">SDN 08</ac:parameter></ac:structured-macro>
\[SDN 2008\] [SUN Developer Network|http://developers.sun.com/], Sun Microsystems, Inc. (1994-2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8373fbe2-4d44-4d63-8dda-90117b0ec1a2"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>
\[Seacord 2005\] Seacord, Robert C. [_Secure Coding in C and C+\+_|http://www.cert.org/books/secure-coding]. Boston, MA: Addison-Wesley. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="521bee4e-ca0f-4393-9c6f-b0732ab918bc"><ac:parameter ac:name="">Seacord 2008</ac:parameter></ac:structured-macro>
\[Seacord 2008\] Seacord, Robert C. _The CERT C Secure Coding Standard_. Boston, MA: Addison-Wesley. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a970acde-a70c-437c-8472-fb995fe2f71d"><ac:parameter ac:name="">SecArch 06</ac:parameter></ac:structured-macro>
\[SecArch 2006\] [Java 2 Platform Security Architecture|http://java.sun.com/javase/6/docs/technotes/guides/security/spec/security-spec.doc.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d04a244d-84fd-4d97-8fcc-5d15ed4c3535"><ac:parameter ac:name="">Secunia 08</ac:parameter></ac:structured-macro>
\[Secunia 2008\] [Secunia Advisories|http://secunia.com/advisories/]. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69ccbc50-29a8-4775-9df3-49e7c42c0971"><ac:parameter ac:name="">Security 06</ac:parameter></ac:structured-macro>
\[Security 2006\] [Java Security Guides|http://java.sun.com/javase/6/docs/technotes/guides/security/], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="43b5ea60-7209-448d-a91c-4450c6ae0fb8"><ac:parameter ac:name="">SecuritySpec 08</ac:parameter></ac:structured-macro>
\[SecuritySpec 2008\] [http://java.sun.com/j2se/1.5.0/docs/guide/security/spec/security-specTOC.fm.html], Sun Microsystems, Inc. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b464ef25-d266-4f5b-981c-49d59965fea1"><ac:parameter ac:name="">Sen 07</ac:parameter></ac:structured-macro>
\[Sen 2007\] [Avoid the dangers of XPath injection|http://www.ibm.com/developerworks/xml/library/x-xpathinjection.html], by Robi Sen, IBM developerWorks. (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="46890e92-5fe5-4a08-8a95-28d0309d2676"><ac:parameter ac:name="">Steel 05</ac:parameter></ac:structured-macro>
\[Steel 2005\] Core Security Patterns: Best Practices and Strategies for J2EEâ„¢, Web Services, and Identity Management, by Christopher Steel, Ramesh Nagappan and Ray Lai. Prentice Hall PTR / Sun Microsystems, Inc. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c3a0401-b925-4903-aa8c-35add804240f"><ac:parameter ac:name="">Steele 1977</ac:parameter></ac:structured-macro>
\[Steele 1977\] Steele, G. L. "[Arithmetic shifting considered harmful|http://doi.acm.org/10.1145/956641.956647]." _SIGPLAN Not._ 12, 11 (November 1977), 61-69. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2d6c7f84-bb71-4268-afc9-1459dd636b85"><ac:parameter ac:name="">Steinberg 05</ac:parameter></ac:structured-macro>
\[Steinberg 2005\] [Java Developer Connection Tech Tips "Using the Varargs Language Feature"|http://java.sun.com/developer/JDCTechTips/2005/tt0104.html], Daniel H. Steinberg, January 4, 2005. (2005) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="70570892-6c77-4f9b-b3e7-d302b82cf6a5"><ac:parameter ac:name="">Sterbenz 06</ac:parameter></ac:structured-macro>
\[Sterbenz 2006\] [Secure Coding Antipatterns: Avoiding Vulnerabilities|http://gceclub.sun.com.cn/java_one_online/2006/TS-1238/TS-1238.pdf], by Andreas Sterbenz and Charlie Lai, Sun Microsystems. JavaOne Conference. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="463e47c3-3ba4-45bb-a901-f5f9d045820c"><ac:parameter ac:name="">Steuck 02</ac:parameter></ac:structured-macro>
\[Steuck 2002\] [XXE (Xml eXternal Entity) attack|http://www.securityfocus.com/archive/1/297714], by Gregory Steuck (www.securityfocus.com). (2002) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="171e9d5c-7a42-410a-ae9c-1337a1e54b76"><ac:parameter ac:name=""> Sun 02</ac:parameter></ac:structured-macro>
\[Sun 02\] Sun Microsystems, Inc. Reflection. [http://java.sun.com/j2se/1.5.0/docs/guide/reflection/index.html] (2002). |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25093cb5-1656-4ea9-818d-ae9f90f551ba"><ac:parameter ac:name="">Sun 04</ac:parameter></ac:structured-macro>
\[Sun 1999\] [Why Are Thread.stop, Thread.suspend, Thread.resume and Runtime.runFinalizersOnExit Deprecated?|http://java.sun.com/j2se/1.4.2/docs/guide/misc/threadPrimitiveDeprecation.html], Sun Microsystems, Inc. (1999) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53f9ee6e-3f49-4f76-99bd-24a833eb80cb"><ac:parameter ac:name="">Sun 03</ac:parameter></ac:structured-macro>
\[Sun 2003\] [Sun ONE Application Server 7 Performance Tuning Guide|http://docs.sun.com/source/817-2180-10/], Sun Microsystems, Inc. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4032e78e-77ba-4bd3-8c5b-cbfeec088a72"><ac:parameter ac:name=""> Sun 04a</ac:parameter></ac:structured-macro>
\[Sun 04a\] Sun Microsystems, Inc. Java Management Extensions (JMX). [http://java.sun.com/j2se/1.5.0/docs/guide/jmx/index.html] (2004). |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="464b3fe1-ce11-4337-b2ee-55562b08ad19"><ac:parameter ac:name=""> Sun 04b</ac:parameter></ac:structured-macro>
\[Sun 04b\] Sun Microsystems, Inc. Java Object Serialization Specification, Version 1.5.0.
http://java.sun.com/j2se/1.5.0/docs/guide/serialization/spec/serialTOC.html (2004). |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e914ee7-113f-4ca4-a739-9dfa27245ff0"><ac:parameter ac:name=""> Sun 04d</ac:parameter></ac:structured-macro>
\[Sun 04d\] Sun Microsystems, Inc. JVM Tool Interface. http://java.sun.com/j2se/1.5.0/docs/guide/jvmti/jvmti.html (2004). |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1017b565-35bb-4640-80b6-32381dde2dbd"><ac:parameter ac:name="">Sun 06</ac:parameter></ac:structured-macro>
\[Sun 2006\] [Javaâ„¢ Platform, Standard Edition 6 documentation|http://java.sun.com/javase/6/docs/index.html], Sun Microsystems, Inc. (2006) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1f0d37c4-907f-458d-a859-629835cc9eb1"><ac:parameter ac:name="">Sun 08</ac:parameter></ac:structured-macro>
\[Sun 2008\] [Javaâ„¢ Plug-in and Applet Architecture|http://java.sun.com/javase/6/docs/technotes/guides/jweb/applet/applet_execution.html], Sun Microsystems, Inc. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f11e08df-47ef-4755-a101-2cf634423050"><ac:parameter ac:name="">Sutherland 10</ac:parameter></ac:structured-macro>
\[Sutherland 2010\] [Composable thread coloring|http://portal.acm.org/citation.cfm?doid=1693453.1693485], by Dean F. Sutherland and William L. Scherlis. Principles and Practice of Parallel Programming, Proceedings of the 15th ACM SIGPLAN symposium on Principles and practice of parallel programming. (2010) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="af9715b6-ca97-489a-a9b3-e98f0b67ea79"><ac:parameter ac:name=""> Tanenbaum 03</ac:parameter></ac:structured-macro>
\[Tanenbaum 2003\] Andrew S. Tanenbaum, Maarten Van Steen. [Distributed Systems: Principles and Paradigms, 2/E|http://www.pearsonhighered.com/educator/academic/product/0,,0132392275,00%2ben-USS_01DBC.html]. March, 2003. ISBN-10: 0132392275. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bf975dbd-6de7-4ccb-b35a-c195f78e532d"><ac:parameter ac:name="">Techtalk 07</ac:parameter></ac:structured-macro>
\[Techtalk 2007\] [The PhantomReference Menace. Attack of the Clone. Revenge of the Shift.|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2707.pdf], by Josh Bloch and William Pugh, JavaOne Conference. (2007) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e5d674ee-16a8-4874-941b-96a3db347be3"><ac:parameter ac:name="">Tomcat 09</ac:parameter></ac:structured-macro>
\[Tomcat 2009\] Tomcat documentation, [Changelog|http://tomcat.apache.org/tomcat-6.0-doc/changelog.html] and [Security fixes|http://tomcat.apache.org/security-6.html], the Apache Software Foundation. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59d7dca4-4577-48d8-aff7-70cb47c6e5e8"><ac:parameter ac:name="">Tutorials 08</ac:parameter></ac:structured-macro>
\[Tutorials 2008\] [The Java Tutorials|http://java.sun.com/docs/books/tutorial/index.html], Sun Microsystems, Inc. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc3c104b-cd0e-414a-ad7f-c676fcd393d8"><ac:parameter ac:name="">Unicode 2003</ac:parameter></ac:structured-macro>
\[Unicode 2003\] The Unicode Consortium. The Unicode Standard, Version 4.0.0, defined by: The Unicode Standard, Version 4.0 (Boston, MA, Addison-Wesley, 2003. ISBN 0-321-18578-1) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3014c861-d6b4-458f-86bb-3dc7252f09c7"><ac:parameter ac:name="">Unicode 2007</ac:parameter></ac:structured-macro>
\[Unicode 2007\]
The Unicode Consortium. The Unicode Standard, Version 5.1.0, defined by: The Unicode Standard, Version 5.0 (Boston, MA, Addison-Wesley, 2007. ISBN 0-321-48091-0), as amended by Unicode 5.1.0 ([http://www.unicode.org/versions/Unicode5.1.0/]). |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="14eff189-8463-4f67-b129-f01149896579"><ac:parameter ac:name="">Unicode 2011</ac:parameter></ac:structured-macro>
\[Unicode 2011\] The Unicode Consortium. The Unicode Standard, Version 6.0.0, (Mountain View, CA: The Unicode Consortium, 2011. ISBN 978-1-936213-01-6)[http://www.unicode.org/versions/Unicode6.0.0/] |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1d5ea5b8-c2e9-4eb0-9a67-91a3de20a6fc"><ac:parameter ac:name="">Venners 97</ac:parameter></ac:structured-macro>
\[Venners 1997\] [Security and the class loader architecture|http://www.javaworld.com/javaworld/jw-09-1997/jw-09-hood.html?page=1] Java World.com, by Bill Venners. (1997) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2face4ca-60fa-457a-99f0-2bb409f383dd"><ac:parameter ac:name="">Venners 03</ac:parameter></ac:structured-macro>
\[Venners 2003\] [Failure and Exceptions, A Conversation with James Gosling, Part II|http://www.artima.com/intv/solid.html], by Bill Venners. Artima.com. (2003) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c45914a-c62f-4e34-8d04-895a0b2bc04e"><ac:parameter ac:name="">VU439395</ac:parameter></ac:structured-macro>
\[VU\#439395\] Lipson, Howard. Vulnerability Note [VU#439395|http://www.kb.cert.org/vuls/id/439395], _Apache web server performs case sensitive filtering on Mac OS X HFS\+ case insensitive filesystem,_ 2001. |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a876d067-5429-4e1b-9448-34d460b67aba"><ac:parameter ac:name="">W3C 08</ac:parameter></ac:structured-macro>
\[W3C 2008\] [Extensible Markup Language (XML) 1.0 (Fifth Edition)|http://www.w3.org/TR/REC-xml/#include-if-valid], W3C Recommendation, by Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Eve Maler and François Yergeau. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66a296a3-0cd9-4cd6-af78-15dd5dcf4fe9"><ac:parameter ac:name="">Ware 08</ac:parameter></ac:structured-macro>
\[Ware 2008\] [Writing Secure Java Code:A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools|http://mikeware.us/thesis/], Michael S. Ware. (2008) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e7a86982-8dbd-408f-a7dd-916499781c6a"><ac:parameter ac:name="">Weber 09</ac:parameter></ac:structured-macro>
\[Weber 2009\] [Exploiting Unicode-enabled Software|http://www.lookout.net/wp-content/uploads/2009/03/chris_weber_exploiting-unicode-enabled-software-v15.pdf], by Chris Weber, Casaba Security. CanSecWest March 2009. (2009) |
Wiki Markup |
---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="03f06ce0-b4dd-42c1-b44d-6870b3c13f86"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro>
\[Wheeler 2003\] [Secure Programming for Linux and Unix HOWTO|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html], David A. Wheeler. (2003) |
Wiki Markup |
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5254fd7e-d288-475b-acb7-6c753653a140"><ac:parameter ac:name="">Zukowski 04</ac:parameter></ac:structured-macro>
\[Zukowski 2004\] [Java Developer Connection Tech Tips "Creating Custom Security Permissions"|http://java.sun.com/developer/JDCTechTips/2004/tt0518.html#2], John Zukowski, May 18, 2004. (2004)