<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6bbfa1f2-61c0-4339-961f-cf98d84145f3"><ac:parameter ac:name="">Abadi 96</ac:parameter></ac:structured-macro>
[Abadi 1996] Abadi, Martin, and Roger Needham. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering 22(1):6â“15 (1996).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="01b3d8f2-f16a-4bfe-9546-44f043be0ee0"><ac:parameter ac:name="">API 06</ac:parameter></ac:structured-macro>
[API 2006] Java Platform, Standard Edition 6 API Specification
. Oracle (2006/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8a7ee1c4-8329-4d9c-ae2f-8445362fc950"><ac:parameter ac:name="">API 11</ac:parameter></ac:structured-macro>
[API 2011] Java Platform, Standard Edition 7 API Specification. Oracle (2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2ffb1d72-9357-47bf-a5f1-824c972f248c"><ac:parameter ac:name="">Austin 00</ac:parameter></ac:structured-macro>
[Austin 2000] Austin, Calvin, and Monica Pawlan. Advanced Programming for the Java 2 Platform. Boston: Addison-Wesley Longman (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9ebe1874-651f-4456-b5dc-f7571b619688"><ac:parameter ac:name="">Black 04</ac:parameter></ac:structured-macro>
[Black 2004] Black, Paul E., and Paul J. Tanenbaum. "partial order." In Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology. http://xlinux.nist.gov/dads/HTML/partialorder.html (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f3c8611b-b613-49c3-9f4e-482a9ceadb26"><ac:parameter ac:name="">Black 06</ac:parameter></ac:structured-macro>
[Black 2006] Black, Paul E., and Paul J. Tanenbaum. "total order." In Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology. http://xlinux.nist.gov/dads/HTML/totalorder.html (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da8c5cd7-b5f8-4d6d-9d79-52d4e19766e0"><ac:parameter ac:name="">Bloch 01</ac:parameter></ac:structured-macro>
[Bloch 2001] Bloch, Joshua. Effective Java: Programming Language Guide. Boston: Addison-Wesley (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2df7584b-2ab2-4725-aa84-21f0cd8bde63"><ac:parameter ac:name="">Bloch 05</ac:parameter></ac:structured-macro>
[Bloch 2005] Bloch, Joshua, and Neal Gafter. Java Puzzlers: Traps, Pitfalls, and Corner Cases. Upper Saddle River, NJ: Addison-Wesley (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13fc0805-1823-4023-a27b-22ac587f1a5e"><ac:parameter ac:name="">Bloch 05b</ac:parameter></ac:structured-macro>
[Bloch 2005b] Bloch, Joshua, and Neal Gafter. Yet More Programming Puzzlers. JavaOne Conference (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aa115ad4-19ee-4512-bd48-2a1bd85a1929"><ac:parameter ac:name="">Bloch 07</ac:parameter></ac:structured-macro>
[Bloch 2007] Bloch, Joshua. Effective Java⢠Reloaded: This Time It's (Not) for Real. JavaOne Conference (2007).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3fa7a6fa-9a68-4f28-9e73-1f96ef35e768"><ac:parameter ac:name="">Bloch 08</ac:parameter></ac:structured-macro>
[Bloch 2008] Bloch, Joshua. Effective Java, 2nd ed. Upper Saddle River, NJ: Addison-Wesley (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="06798450-cc3c-43a3-9d7c-318d1ac22e67"><ac:parameter ac:name="">Bloch 09</ac:parameter></ac:structured-macro>
[Bloch 2009] Bloch, Joshua, and Neal Gafter. Return of the Puzzlers: Schlock and Awe. JavaOne Conference (2009).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2ebf99cd-bbc0-4d15-8174-b529f2fd48d1"><ac:parameter ac:name="">Boehm 05</ac:parameter></ac:structured-macro>
[Boehm 2005] Boehm, Hans-J. Finalization, Threads, and the Java⢠Technology-Based Memory Model. JavaOne Conference (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="051163a2-2133-4512-b5e0-24e23c43109f"><ac:parameter ac:name="">Campione 96</ac:parameter></ac:structured-macro>
[Campione 1996] Campione, Mary, and Kathy Walrath. The Java Tutorial: Object-Oriented Programming for the Internet. Reading, MA: Addison-Wesley (1996).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79c6a718-8017-40d0-be7f-65f02369bd5f"><ac:parameter ac:name="">CCITT 88</ac:parameter></ac:structured-macro>
[CCITT 1988] CCITT (International Telegraph and Telephone Consultative Committee). CCITT Blue Book: Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework. Geneva: International Telecommunication Union (1988).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7254f6e3-4034-46fb-b0ec-4f9be1d289c1"><ac:parameter ac:name="">Chan 99</ac:parameter></ac:structured-macro>
[Chan 1999] Chan, Patrick, Rosanna Lee, and Douglas Kramer. The Java Class Libraries: Supplement for the Java 2 Platform, v1.2, 2nd ed., vol. 1. Upper Saddle River, NJ: Prentice Hall (1999).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1aa4f0e-11d8-4f32-a88d-ca86f1970f74"><ac:parameter ac:name="">Chess 07</ac:parameter></ac:structured-macro>
[Chess 2007] Chess, Brian, and Jacob West. Secure Programming with Static Analysis. Upper Saddle River, NJ: Addison-Wesley Professional (2007).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e0c81ae9-090b-4089-8f44-409afd4230fc"><ac:parameter ac:name="">Christudas 05</ac:parameter></ac:structured-macro>
[Christudas 2005] Christudas, Binildas. Internals of Java Class Loading, ONJava (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5693bc1c-dea5-461d-8bd9-16dcd2c375b8"><ac:parameter ac:name="">Cohen 81</ac:parameter></ac:structured-macro>
[Cohen 1981] Cohen, D. On Holy Wars and a Plea for Peace, IEEE Computer, 14(10):48â“54 (1981).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="56c6e78c-b69f-4473-92fc-b1f8319e0630"><ac:parameter ac:name="">Conventions 09</ac:parameter></ac:structured-macro>
[Conventions 2009] Code Conventions for the Java Programming Language. Oracle (2009).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="21f56ce8-90ac-4733-acfc-aacb2b55e9de"><ac:parameter ac:name="">Coomes 07</ac:parameter></ac:structured-macro>
[Coomes 2007] Coomes, John, Peter Kessler, and Tony Printezis. Garbage Collection-Friendly Programming. Java SE Garbage Collection Group, Sun Microsystems, JavaOne Conference (2007).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a418503-a755-42b9-a33b-ab3dc9e5db87"><ac:parameter ac:name="">Core Java 04</ac:parameter></ac:structured-macro>
[Core Java 2004] Horstmann, Cay S., and Gary Cornell. _Core Java⢠2, Vol. I: Fundamentals_, 7th ed. Upper Saddle River, NJ: Prentice Hall PTR (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2210f47a-0d06-451f-a394-f23612c52255"><ac:parameter ac:name="">Cunningham 95</ac:parameter></ac:structured-macro>
[Cunningham 1995] Cunningham, Ward. The CHECKS Pattern Language of Information Integrity. In Pattern Languages of Program Design, James O. Coplien and Douglas C. Schmidt, eds. Reading, MA: Addison-Wesley (1995).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3e7a2fb6-de91-4d78-b32e-68b4bf6a80ab"><ac:parameter ac:name="">CVE 08</ac:parameter></ac:structured-macro>
[CVE 2008] MITRE Corporation. [Common Vulnerabilities and Exposures|http://cve.mitre.org/index.html] (2008/2012).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5a55031c-0b34-4bb3-9efd-9b36036526bd"><ac:parameter ac:name="">Daconta 00</ac:parameter></ac:structured-macro>
[Daconta 2000] Daconta, Michael C. When Runtime.exec() Won't. JavaWorld.com (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="49497724-2ff1-47e2-946b-d593e3abf8ed"><ac:parameter ac:name="">Daconta 03</ac:parameter></ac:structured-macro>
[Daconta 2003] Daconta, Michael C., Kevin T. Smith, Donald Avondolio, and W. Clay Richardson. More Java Pitfalls. Indianapolis: Wiley (2003).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2ad4bc9-f7a8-465d-9aa9-76b15de5fcd1"><ac:parameter ac:name="">Darwin 04</ac:parameter></ac:structured-macro>
[Darwin 2004] Darwin, Ian F. Java Cookbook, 2nd ed. Sebastopol, CA: OâReilly (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66ff549a-dafc-4800-aa42-23ee5edd94d1"><ac:parameter ac:name="">Davis 08</ac:parameter></ac:structured-macro>
[Davis 2008] Davis, Mark, and Martin Dürst. Unicode Standard Annex #15: Unicode Normalization Forms (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fd77850a-e77c-433d-869c-3a3727e92aa4"><ac:parameter ac:name="">Davis 08b</ac:parameter></ac:structured-macro>
[Davis 2008b] Davis, Mark, and Michel Suignard. Unicode Technical Report #36, Unicode Security Considerations (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="668488bb-c226-46aa-8e5a-d4571ec33cb1"><ac:parameter ac:name="">Dennis 1966</ac:parameter></ac:structured-macro>
[Dennis 1966] Dennis, Jack B., and Earl C. Van Horn. 1966. Programming Semantics for Multiprogrammed Computations. Communications of the ACM, 9(3):143â“155 (1966). doi: 10.1145/365230.365252.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="82ce0c65-5af5-43e7-9497-48e12fdf1377"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro>
[DHS 2006] U.S. Department of Homeland Security. Build Security In. https://buildsecurityin.us-cert.gov (2006/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fba0f58a-4b88-4c96-a62b-4b1b6a73109d"><ac:parameter ac:name="">Dormann 08</ac:parameter></ac:structured-macro>
[Dormann 2008] Dormann, Will. Signed Java Applet Security: Worse Than ActiveX? CERT Vulnerability Analysis Blog (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5831c1be-4060-4c57-8941-50a2ebc22d94"><ac:parameter ac:name="">Doshi 03</ac:parameter></ac:structured-macro>
[Doshi 2003] Doshi, Gunjan. Best Practices for Exception Handling. ONJava (2003).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="38488b36-224f-4788-aa37-b3afe4a01cf0"><ac:parameter ac:name="">Dougherty 2009</ac:parameter></ac:structured-macro>
[Dougherty 2009] Dougherty, Chad, Kirk Sayre, Robert C. Seacord, David Svoboda, and Kazuya Togashi. Secure Design Patterns. CMU/SEI-2009-TR-010 (2009).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fca737ce-acfc-4b1a-a304-a4ea21c78be2"><ac:parameter ac:name="">Eclipse 08</ac:parameter></ac:structured-macro>
[Eclipse 2008] The Eclipse Platform, The Eclipse Foundation (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="679a5512-a6fb-4905-8ebc-bf7390d1cda4"><ac:parameter ac:name="">Encodings 06</ac:parameter></ac:structured-macro>
[Encodings 2006] Supported Encodings, Oracle (2006/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="579fb7d9-0bdb-4f16-a996-3b9275ff8c7d"><ac:parameter ac:name="">Enterprise 03</ac:parameter></ac:structured-macro>
[Enterprise 2003] Eckstein, Robert. Java Enterprise Best Practices. Sebastopol, CA: O'Reilly (2003).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="093039b0-a947-429f-b35e-ac2a2bd04fb0"><ac:parameter ac:name="">ESA 05</ac:parameter></ac:structured-macro>
[ESA 2005] ESA (European Space Agency). Java Coding Standards. Prepared by ESA Board for Software Standardisation and Control (BSSC) (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e7efde23-de08-4f32-a5a5-d074ff400de6"><ac:parameter ac:name="">Fairbanks 07</ac:parameter></ac:structured-macro>
[Fairbanks 2007] Fairbanks, George. Design Fragments. PhD thesis, Carnegie Mellon University (2007).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f43385f-f202-48b3-ba74-975813ff36d0"><ac:parameter ac:name="">FindBugs 08</ac:parameter></ac:structured-macro>
[FindBugs 2008] FindBugs Bug Descriptions (2008/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="58842d54-2690-4ad6-a7ba-88b82c58cf98"><ac:parameter ac:name="">Fisher 03</ac:parameter></ac:structured-macro>
[Fisher 2003] Fisher, Maydene, Jon Ellis, and Jonathan Bruce. JDBC API Tutorial and Reference, 3rd ed. Upper Saddle River, NJ: Prentice Hall (2003).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a2cdc6c-8c38-40c6-af26-765e431161f9"><ac:parameter ac:name="">Flanagan 05</ac:parameter></ac:structured-macro>
[Flanagan 2005] Flanagan, David. Java in a Nutshell, 5th ed. Sebastopol, CA: O'Reilly Media (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="31e162c9-b598-4613-a265-73e499b2203a"><ac:parameter ac:name="">Fortify 08</ac:parameter></ac:structured-macro>
[Fortify 2008] Fortify Software Security Research Group with Gary McGraw. A Taxonomy of Coding Errors That Affect Security (see Java/JSP) (2008/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="793c4e4c-318f-4572-823a-12601ab28661"><ac:parameter ac:name="">Fox 01</ac:parameter></ac:structured-macro>
[Fox 2001] Fox, Joshua. When Is a Singleton Not a Singleton?. JavaWorld (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a8607726-c240-46e5-ad32-a342ce15a3f4"><ac:parameter ac:name="">FT 08</ac:parameter></ac:structured-macro>
[FT 2008] Function Table: Class FunctionTable, Field Detail, public static FuncLoader m_functions. Apache XML Project (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="77aba650-8bd0-46a6-9161-6b9f8179a42a"><ac:parameter ac:name="">Gafter 06</ac:parameter></ac:structured-macro>
[Gafter 2006] Gafter, Neal. Neal Gafter's blog (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b8e423e5-6ca2-43e7-9c29-e1610b85fb90"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>
[Gamma 1995] Gamma, Erich, Richard Helm, Ralph Johnson, and John M. Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Reading, MA: Addison-Wesley (1995).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b543a0dd-86c6-46ae-b846-ac340ddd36b9"><ac:parameter ac:name="">Garms 01</ac:parameter></ac:structured-macro>
[Garms 2001] Garms, Jess, and Daniel Somerfield. Professional Java Security. Birmingham, UK: Wrox Press (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6531ccd6-cd35-45c7-80a2-e5dac3a560ef"><ac:parameter ac:name="">Goetz 02</ac:parameter></ac:structured-macro>
[Goetz 2002] Goetz, Brian. Java Theory and Practice: Safe Construction Techniques: Don't Let the "this" Reference Escape during Construction. IBM developerWorks (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="94b41af9-419d-463c-819e-6ae45f9f4ae3"><ac:parameter ac:name="">Goetz 04</ac:parameter></ac:structured-macro>
[Goetz 2004] Goetz, Brian. Java Theory and Practice: Garbage Collection and Performance: Hints, Tips, and Myths about Writing Garbage Collection-Friendly Classes. IBM developerWorks (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="be067fb6-d0e5-4d9c-b761-4cee923bb5ec"><ac:parameter ac:name="">Goetz 04b</ac:parameter></ac:structured-macro>
[Goetz 2004b] Goetz, Brian. Java Theory and Practice: The Exceptions Debate: To Check, or Not to Check? IBM developerWorks (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="403ad8db-6b88-41d6-93a3-6180d11139c9"><ac:parameter ac:name="">Goetz 04c</ac:parameter></ac:structured-macro>
[Goetz 2004c] Goetz, Brian. Java Theory and Practice: Going Atomic: The New Atomic Classes Are the Hidden Gems of java.util.concurrent. IBM developerWorks (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f8aa032-2de8-4268-bf05-1285353f3aa3"><ac:parameter ac:name="">Goetz 05</ac:parameter></ac:structured-macro>
[Goetz 2005] Goetz, Brian. Java Theory and Practice: Be a Good (event) Listener, Guidelines for Writing and Supporting Event Listeners. IBM developerWorks (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8f023eb4-1fbd-417b-9a6c-bed741165795"><ac:parameter ac:name="">Goetz 05b</ac:parameter></ac:structured-macro>
[Goetz 2005b] Goetz, Brian. Java Theory and Practice: Plugging Memory Leaks with Weak References: Weak References Make It Easy to Express Object Lifecycle Relationships. IBM developerWorks (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="adad658c-bdb1-4b7f-b19f-c44872927022"><ac:parameter ac:name="">Goetz 06</ac:parameter></ac:structured-macro>
[Goetz 2006] Goetz, Brian, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea. Java Concurrency in Practice. Upper Saddle River, NJ: Addison-Wesley Professional (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf66ba3a-8cca-4195-adc4-9e2015cbab2b"><ac:parameter ac:name="">Goetz 06b</ac:parameter></ac:structured-macro>
[Goetz 2006b] Goetz, Brian. Java Theory and Practice: Good Housekeeping Practices. IBM developerWorks (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="00a72275-1c48-4982-a966-7b437ad1e5e9"><ac:parameter ac:name="">Goetz 07</ac:parameter></ac:structured-macro>
[Goetz 2007] Goetz, Brian. Java Theory and Practice: Managing Volatility: Guidelines for Using Volatile Variables. IBM developerWorks (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="81f3aa22-264f-4110-a50e-4a52482924f3"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>
[Goldberg 1991] Goldberg, David. What Every Computer Scientist Should Know About Floating-Point Arithmetic. ©Sun Microsystems (1991/2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cc3abc36-9124-4a25-a508-dc45d3fc0ca0"><ac:parameter ac:name="">Gong 03</ac:parameter></ac:structured-macro>
[Gong 2003] Gong, Li, Gary Ellison, and Mary Dageforde. Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd ed. Upper Saddle River, NJ: Prentice Hall (2003).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6da4308e-4b6f-43f9-9fa7-3ee48d425340"><ac:parameter ac:name="">Grand 02</ac:parameter></ac:structured-macro>
[Grand 2002] Grand, Mark. Patterns in Java, Vol. 1, 2nd ed. New York: Wiley (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec77c0b6-67a4-4a98-9012-354579b4b8e6"><ac:parameter ac:name="">Greanier 00</ac:parameter></ac:structured-macro>
[Greanier 2000] Greanier, Todd. Discover the Secrets of the Java Serialization API. Sun Developer Network (SDN) (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1ad44f2-ac5e-4d01-97b4-5f0387ed8aee"><ac:parameter ac:name="">Green 08</ac:parameter></ac:structured-macro>
[Green 2008] Green, Roedy. Canadian Mind Products Java & Internet Glossary (2008/2012).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c7390241-d91a-46c4-a583-ef8f7149bfcb"><ac:parameter ac:name="">Grigg 06</ac:parameter></ac:structured-macro>
[Grigg 2006] Grigg, Jeffery. Reflection on Inner Classes (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="43bf7a26-a35f-4882-bc19-4333d9c2ee9c"><ac:parameter ac:name="">Grosso 01</ac:parameter></ac:structured-macro>
[Grosso 2001] Grosso, William. Java RMI. Sebastopol, CA: O'Reilly (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1f7897e2-b8ef-48ba-b42d-7cdacdb42b80"><ac:parameter ac:name="">Gupta 05</ac:parameter></ac:structured-macro>
[Gupta 2005] Gupta, Satish Chandra, and Rajeev Palanki. Java Memory Leaksâ”Catch Me If You Can: Detecting Java Leaks Using IBM Rational Application Developer 6.0. IBM developerWorks (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="73bea374-7933-4885-a9ce-9fd82b7833c1"><ac:parameter ac:name="">Haack 06</ac:parameter></ac:structured-macro>
[Haack 2006] Haack, Christian, Erik Poll, Jan Schäfer, and Aleksy Schubert. Immutable Objects in Java (research report). Radboud University Nijmegen (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ae3081ff-fae0-436f-91a2-4139eb051d18"><ac:parameter ac:name="">Haggar 00</ac:parameter></ac:structured-macro>
[Haggar 2000] Haggar, Peter. _Practical Java⢠Programming Language Guide_. Reading, MA: Addison-Wesley Professional (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec321254-5c8a-4873-956d-7e7c48e85ba1"><ac:parameter ac:name="">Halloway 00</ac:parameter></ac:structured-macro>
[Halloway 2000] Halloway, Stuart. Java Developer Connection Tech Tips, March 28, 2000. ©Sun Microsystems (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="de679eb5-b4ec-46d7-a81b-629f77859d8e"><ac:parameter ac:name="">Halloway 01</ac:parameter></ac:structured-macro>
[Halloway 2001] Halloway, Stuart. Java Developer Connection Tech Tips, January 30, 2001. ©Sun Microsystems (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fe8136ed-b17f-47e2-8255-200b72a88bcd"><ac:parameter ac:name="">Harold 97</ac:parameter></ac:structured-macro>
[Harold 1997] Harold, Elliotte Rusty. Java Secrets. Foster City, CA: IDG Books Worldwide (1997).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d060e74-6cd3-4faa-b479-4104879b1df9"><ac:parameter ac:name="">Harold 99</ac:parameter></ac:structured-macro>
[Harold 1999] Harold, Elliotte Rusty. Java I/O. Sebastopol, CA: O'Reilly (1999).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="729602b3-b606-46a8-b44c-b1c28b8723a6"><ac:parameter ac:name="">Harold 06</ac:parameter></ac:structured-macro>
[Harold 2006] Harold, Elliotte Rusty. Java I/O, 2nd ed. Sebastopol, CA: O'Reilley (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7cbf113f-d861-41da-865d-1d2bfc00780c"><ac:parameter ac:name="">Hawtin 08</ac:parameter></ac:structured-macro>
[Hawtin 2008] Hawtin, Thomas. Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities. Sun Microsystems, Make It Fly. London (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="20785b31-6b1c-412d-a00c-44bf540966f2"><ac:parameter ac:name="">Henney 03</ac:parameter></ac:structured-macro>
[Henney 2003] Henney, Kevlin. Null Object, Something for Nothing (2003).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="71680114-d850-40d4-8ff5-6db2d90bc689"><ac:parameter ac:name="">Hitchens 02</ac:parameter></ac:structured-macro>
[Hitchens 2002] Hitchens, Ron. _Java⢠NIO_. Cambridge, MA: O'Reilly (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cfc8f425-e7e1-4928-9bf5-63592d412768"><ac:parameter ac:name="">Hornig 07</ac:parameter></ac:structured-macro>
[Hornig 2007] Hornig, Charles. Advanced Java⢠Globalization. JavaOne Conference (2007).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="893d0889-1741-447f-84fe-71a48a8f9178"><ac:parameter ac:name="">Hovemeyer 07</ac:parameter></ac:structured-macro>
[Hovemeyer 2007] Hovemeyer, David, and William Pugh. Finding More Null Pointer Bugs, But Not Too Many. In Proceedings of the 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE), San Diego (2007).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fd358505-720a-4643-80ee-cc29fe8a6d43"><ac:parameter ac:name="">Hunt 98</ac:parameter></ac:structured-macro>
[Hunt 1998] Hunt, J., and F. Long. Java's Reliability: An Analysis of Software Defects in Java. IEE Proceedings: Software 145(2/3):41â“50 (1998).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="84894c55-91df-43dd-89b7-056c89990dc7"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>
[IEC 60812 2006] IEE (International Electrotechnical Commission). Analysis Techniques for System Reliability: Procedure for Failure Mode and Effects Analysis (FMEA), 2nd ed. Geneva: IEC (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f62451d8-10e5-47f6-85a2-8f1ba556c2a6"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro>
[IEEE 754 2006] IEEE (Institute of Electrical and Electronics Engineers). Standard for Binary Floating-Point Arithmetic (IEEE 754-1985). New York: IEEE (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d15dae0d-294b-479d-aafb-5f0429e3fcb7"><ac:parameter ac:name="">J2SE 00</ac:parameter></ac:structured-macro>
[J2SE 2000] JavaTM 2 SDK, Standard Edition Documentation, J2SE Documentation version 1.3. Sun Microsystems/Oracle (2000/2010).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f83b4b50-be7e-4ce8-8651-70cab6ae36c7"><ac:parameter ac:name="">JarSpec 08</ac:parameter></ac:structured-macro>
[JarSpec 2008] J2SE Documentation version 1.5, Jar File Specification. Oracle (2008/2010).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53cd154b-2838-459a-9dd3-4e255f3ccc4d"><ac:parameter ac:name="">Java 06</ac:parameter></ac:structured-macro>
[Java 2006] java: The Java Application Launcher. Oracle (2006/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="03ca2045-33fa-410e-898b-685c4f1fcf59"><ac:parameter ac:name="">Java2NS 99</ac:parameter></ac:structured-macro>
[Java2NS 1999] Pistoia, Marco, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani. Java 2 Network Security. Upper Saddle River, NJ: Prentice Hall (1999).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da33efa0-5bd1-49e2-95e8-b42065adf4a4"><ac:parameter ac:name="">JavaGenerics 04</ac:parameter></ac:structured-macro>
[JavaGenerics 2004] Java Generics. Oracle (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="edc01923-6a2c-4be4-aaaa-94b8b1cbbe50"><ac:parameter ac:name="">JavaThreads 99</ac:parameter></ac:structured-macro>
[JavaThreads 1999] Oaks, Scott, and Henry Wong. Java Threads, 2nd ed. Sebastopol, CA: O'Reilly (1999).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="676235cd-fa81-48ed-a7fa-e0680261266b"><ac:parameter ac:name="">JavaThreads 04</ac:parameter></ac:structured-macro>
[JavaThreads 2004] Oaks, Scott, and Henry Wong. Java Threads, 3rd ed. Sebastopol, CA: O'Reilly (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79d6e0a6-34c4-4117-9daf-ee5f00f7b9ff"><ac:parameter ac:name="">JDK7 08</ac:parameter></ac:structured-macro>
[JDK7 2008] Java⢠Platform, Standard Edition 7 Documentation. Oracle (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="da402684-87a0-4ac1-af0a-95c6a049b7c5"><ac:parameter ac:name="">JLS 05</ac:parameter></ac:structured-macro>
[JLS 2005] Gosling, James, Bill Joy, Guy Steele, and Gilad Bracha. Java Language Specification, 3rd ed. Upper Saddle River, NJ: Prentice Hall (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="75bfb388-107e-40d2-ba12-00bdc72bb6ce"><ac:parameter ac:name="">JLS 11</ac:parameter></ac:structured-macro>
[JLS 2011] Gosling, James, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley. Java Language Specification: Java SE 7 Edition. Oracle America (2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1f3b0577-c054-4c3b-9174-349924479821"><ac:parameter ac:name="">JMX 06</ac:parameter></ac:structured-macro>
[JMX 2006] Monitoring and Management for the Java Platform. Oracle (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c6f1237d-74c0-4888-9606-5ce08e05dd8e"><ac:parameter ac:name="">JMXG 06</ac:parameter></ac:structured-macro>
[JMXG 2006] Java SE Monitoring and Management Guide. Oracle (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="77b7a40e-1b52-4e35-bb51-3277be107cf3"><ac:parameter ac:name="">JNI 06</ac:parameter></ac:structured-macro>
[JNI 2006] Java Native Interface. Oracle (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="24bc1cf3-c648-4c36-9c66-d5c80f695ff8"><ac:parameter ac:name=""> Jovanovic 06</ac:parameter></ac:structured-macro>
[Jovanovic 2006] Jovanovic, Nenad, Christopher Kruegel, and Engin Kirda. Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper). In Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pp. 258â“263, May 21â“24, Oakland, CA (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ca5d84c1-677e-4305-ab9c-6e99411e4da5"><ac:parameter ac:name="">JPDA 04</ac:parameter></ac:structured-macro>
[JPDA 2004] Java Platform Debugger Architecture (JPDA). Oracle (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="abe1fcab-b25f-423b-957e-142f48ebd03d"><ac:parameter ac:name="">JPL 06</ac:parameter></ac:structured-macro>
[JPL 2006] Arnold, Ken, James Gosling, and David Holmes. _The Java⢠Programming Language_, 4th ed. Reading, MA: Addison-Wesley Professional (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="adbc1547-fcc9-4daf-8d30-96e1dbd783dd"><ac:parameter ac:name="">JSR-133 04</ac:parameter></ac:structured-macro>
[JSR-133 2004] JSR-133: JavaTM Memory Model and Thread Specification (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d1701158-a400-4582-b18c-7f228a049539"><ac:parameter ac:name="">JVMTI 06</ac:parameter></ac:structured-macro>
[JVMTI 2006] Java Virtual Machine Tool Interface (JVM TI). Oracle (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4e41d3b2-91b4-4304-959d-5322f5026b4e"><ac:parameter ac:name="">JVMSpec 99</ac:parameter></ac:structured-macro>
[JVMSpec 1999] The Java Virtual Machine Specification. Oracle (1999).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e238564f-be33-4428-b7f1-3d46d2605da7"><ac:parameter ac:name="">Kabanov 09</ac:parameter></ac:structured-macro>
[Kabanov 2009] Kabanov, Jevgeni. The Ultimate Java Puzzler (2009).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b4b35a1d-e2a0-4c74-b040-6f98d486a944"><ac:parameter ac:name="">Kabutz 01</ac:parameter></ac:structured-macro>
[Kabutz 2001] Kabutz, Heinz M. The Java Specialists' Newsletter. (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9672736b-4a20-4a1c-8d24-7eb620a60e7e"><ac:parameter ac:name="">Kalinovsky 04</ac:parameter></ac:structured-macro>
[Kalinovsky 2004] Kalinovsky, Alex. Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering. Indianapolis: SAMS (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a4c94a66-e68a-4353-b624-2d985cbd9906"><ac:parameter ac:name="">Knoernschild 01</ac:parameter></ac:structured-macro>
[Knoernschild 2001] Knoernschild, Kirk. _Java⢠Design: Objects, UML, and Process_. Boston: Addison-Wesley Professional (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b3833e2-e06b-4e5d-a17a-4d280e4b9334"><ac:parameter ac:name="">Lai 08</ac:parameter></ac:structured-macro>
[Lai 2008] Lai, Charlie. Java Insecurity: Accounting for Subtleties That Can Compromise Code. IEEE Software 25(1):13â“19 (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a4e30d7f-ab44-400d-97bc-e2ba4f856639"><ac:parameter ac:name="">Langer 08</ac:parameter></ac:structured-macro>
[Langer 2008] Langer, Angelica, trainer and consultant. http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79c1ec91-0938-4fd7-a12c-cb308b554d67"><ac:parameter ac:name="">Lea 00</ac:parameter></ac:structured-macro>
[Lea 2000] Lea, Doug. Concurrent Programming in Java: Design Principles and Patterns, 2nd ed. Reading, MA: Addison-Wesley (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ee4cf773-867c-4644-aab1-086a3c5fee77"><ac:parameter ac:name="">Lea 00b</ac:parameter></ac:structured-macro>
[Lea 2000b] Lea, Doug, and William Pugh. Correct and Efficient Synchronization of Java⢠Technologyâ“based Threads. JavaOne Conference (2000).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b7cd70c-d67c-4bf9-b381-251ccf3fa349"><ac:parameter ac:name="">Lea 08</ac:parameter></ac:structured-macro>
[Lea 2008] Lea, Doug. The JSR-133 Cookbook for Compiler Writers (2008/2011).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f33c8922-4f83-46bc-b4a7-b70e853e3589"><ac:parameter ac:name="">Lee 09</ac:parameter></ac:structured-macro>
[Lee 2009] Lee, Sangjin, Mahesh Somani, and Debashis Saha eBay Inc. Robust and Scalable Concurrent Programming: Lessons from the Trenches. JavaOne Conference (2009).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8832a9fa-2a3b-4d42-be9d-43d684030f0b"><ac:parameter ac:name="">Liang 97</ac:parameter></ac:structured-macro>
[Liang 1997] Liang, Sheng. _The Java⢠Native Interface, Programmer's Guide and Specification_. Reading, MA: Addison-Wesley (1997).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29072e8a-a463-4cea-a2f0-95d2e9ba5224"><ac:parameter ac:name="">Liang 98</ac:parameter></ac:structured-macro>
[Liang 1998] Liang, Sheng, and Gilad Bracha. Dynamic Class Loading in the Java⢠Virtual Machine. In Proceedings of the 13th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, New York (1998).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5a35092b-8c6d-4f10-84e9-3890789c6364"><ac:parameter ac:name="">Lieberman 86</ac:parameter></ac:structured-macro>
[Lieberman 1986] Lieberman, Henry. Using Prototypical Objects to Implement Shared Behavior in Object-Oriented Systems. In Proceedings of the Conference on Object-Oriented Programming Systems, Languages and Applications, pp. 214â“223, Portland, OR (1986).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2da57719-18ec-4eb0-bc80-993f55579e92"><ac:parameter ac:name="">Lo 05</ac:parameter></ac:structured-macro>
[Lo 2005] Lo, Chia-Tien Dan, Srisa-an, Witawas, and Chang, J. Morris. Security Issues in Garbage Collection. STSC Crosstalk, (2005, October).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0fd4dd44-fc81-4286-ba0e-ead8261de658"><ac:parameter ac:name="">Long 05</ac:parameter></ac:structured-macro>
[Long 2005] Long, Fred. Software Vulnerabilities in Java. CMU/SEI-2005-TN-044 (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="32c0a85e-31f4-481d-a68a-37bb9804a633"><ac:parameter ac:name="">Long 11</ac:parameter></ac:structured-macro>
[Long 2011] Long, Fred, Dhruv Mohindra, Robert C. Seacord, and Dean F. Sutherland. The CERT Oracle Secure Coding Standard for Java, SEI Series in Software Engineering. Upper Saddle River, NJ: Addison-Wesley (2011)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="721001be-b173-4e5f-9524-46c9f4227630"><ac:parameter ac:name="">Low 97</ac:parameter></ac:structured-macro>
[Low 1997] Low, Douglas. Protecting Java Code via Obfuscation. Crossroads 4(3):21â“23 (1997).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="05ed14b1-fe4f-4c4d-a5f4-a864d9e96527"><ac:parameter ac:name="">Macgregor 98</ac:parameter></ac:structured-macro>
[Macgregor 1998] Macgregor, Robert, Dave Durbin, John Owlett, and Andrew Yeomans. Java Network Security. Upper Saddle River, NJ: Prentice Hall PTR (1998).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ceefb99f-f800-4f70-9944-9c6e7d93ce4c"><ac:parameter ac:name="">Mahmoud 02</ac:parameter></ac:structured-macro>
[Mahmoud 2002] Mahmoud, H. Qusay. Compressing and Decompressing Data Using Java APIs. Oracle (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf6377ea-62da-493e-8e97-8b7c2577bb09"><ac:parameter ac:name="">Mak 02</ac:parameter></ac:structured-macro>
[Mak 2002] Mak, Ronald. Java Number Cruncher: The Java Programmer's Guide to Numerical Computing. Upper Saddle River, NJ: Prentice Hall (2002).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5a478f50-60be-4b49-bbb8-ad40d5abc4a0"><ac:parameter ac:name="">Manson 04</ac:parameter></ac:structured-macro>
[Manson 2004] JSR 133 (Java Memory Model) FAQ, by Jeremy Manson and Brian Goetz. (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09449cf1-c776-4508-814b-18c652b3e3b2"><ac:parameter ac:name="">Manson 06</ac:parameter></ac:structured-macro>
[Manson 2006] The Java⢠Memory Model: the building block of concurrency, by Jeremy Manson and William Pugh, JavaOne Conference. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="86b2b0c7-5a9a-440b-94fa-26bf4b93980d"><ac:parameter ac:name="">Martin 96</ac:parameter></ac:structured-macro>
[Martin 1996] Granularity, by Robert C. Martin. (1996)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="32253607-2994-446f-afda-8e6de372487f"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro>
[McCluskey 2001] Java Developer Connection Tech Tips, by Glen McCluskey, April 10, 2001. (2001)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="21dfcc73-f5e9-4dd8-8d29-83ce3a7643cd"><ac:parameter ac:name="">McGraw 99</ac:parameter></ac:structured-macro>
[McGraw 1999] Securing Java, Getting Down to Business with Mobile Code, by Gary McGraw and Edward W. Felten. Wiley. (1999)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="14b273ec-69d1-4652-b2d0-938d006abd46"><ac:parameter ac:name="">McGraw 98</ac:parameter></ac:structured-macro>
[McGraw 1998] Twelve rules for developing more secure Java code, Gary McGraw and Edward Felten, JavaWorld.com. (1998)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1fcf9cc3-d8bc-4b01-8984-40c6f4b82d1f"><ac:parameter ac:name="">Miller 09</ac:parameter></ac:structured-macro>
[Miller 2009] Java⢠Platform Concurrency Gotchas, by Alex Miller, Terracotta. JavaOne Conference. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dddae3c2-d50c-4b26-ab19-a506f94e05fb"><ac:parameter ac:name="">MITRE 09</ac:parameter></ac:structured-macro>
[MITRE 2009] Common Weakness Enumeration, MITRE Corporation. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c65fa089-923b-4f14-bfbe-b3ec584330ad"><ac:parameter ac:name="">Mocha 07</ac:parameter></ac:structured-macro>
[Mocha 2007] Mocha, the Java Decompiler (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1c6239c3-3a89-4c6d-974e-4cd070de3443"><ac:parameter ac:name="">Monsch 06</ac:parameter></ac:structured-macro>
[Monsch 2006] Ruining Security with java.util.Random Version 1.0, by Jan P. Monsch. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="67df920b-b9ce-4b56-8548-c3e950f7888e"><ac:parameter ac:name="">MSDN 09</ac:parameter></ac:structured-macro>
[MSDN 2009] Using SQL Escape Sequences, Microsoft Corporation. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c90ea15-b391-4eb2-b037-aa309c7968a7"><ac:parameter ac:name="">Muchow 01</ac:parameter></ac:structured-macro>
[Muchow 2001] MIDlet Packaging with J2ME, by John W. Muchow (2001)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53f00312-a4ae-4a01-bc1f-cd6ba9816d19"><ac:parameter ac:name="">Müller 02</ac:parameter></ac:structured-macro>
[Müller 2002] Exception Handling: Common Problems and Best Practice with Java 1.4 by Dr. Andreas Müller and Geoffrey Simmons, Sun Microsystems GmbH. (2002)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9874ce23-fd6e-463d-bb62-82a11e8e3e65"><ac:parameter ac:name="">Naftalin 06</ac:parameter></ac:structured-macro>
[Naftalin 2006] Java Generics and Collections, Maurice Naftalin and Philip Wadler, O'Reilly (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6e4af6e1-ce53-4846-b531-80afc25f7a7a"><ac:parameter ac:name="">Naftalin 06b</ac:parameter></ac:structured-macro>
[Naftalin 2006b] Java⢠Generics and Collections: Tools for Productivity, by Maurice Naftalin, Morningside Light Ltd, Philip Wadler, University of Edinburgh. JavaOne Conference (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1fde413d-9da6-4c29-8dcd-2bf9b28e7256"><ac:parameter ac:name="">Netzer 92</ac:parameter></ac:structured-macro>
[Netzer 1992] What Are Race Conditions? Some Issues and Formalization, by ROBERT H. B. NETZER and BARTON P. MILLER, University of Wisconsin — Madison. (1992)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="323c2d53-c343-4f33-b315-985c141aea65"><ac:parameter ac:name="">Neward 04</ac:parameter></ac:structured-macro>
[Neward 2004] Effective Enterprise Java, by Ted Neward. Addison Wesley Professional. (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fbd6a731-a2fa-4d86-af97-ce65ade885db"><ac:parameter ac:name="">Nisewanger 07</ac:parameter></ac:structured-macro>
[Nisewanger 2007] Avoiding Antipatterns, by Jeff Nisewanger, JavaOne Conference (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="60669bb2-4d0e-4e24-8ae2-fe3c880a6528"><ac:parameter ac:name="">Nolan 04</ac:parameter></ac:structured-macro>
[Nolan 2004] Decompiling Java, by Godfrey Nolan, Apress. (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2070f132-4d88-41b9-af81-fb9bdc9c899b"><ac:parameter ac:name="">Oaks 01</ac:parameter></ac:structured-macro>
[Oaks 2001] Java Security, by Scott Oaks. O'REILLY. (2001)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e9630212-8798-41dc-9ae5-268ba9c7aa02"><ac:parameter ac:name="">Oracle 10</ac:parameter></ac:structured-macro>
[Oracle 2010a] Java SE 6 HotSpot[tm] Virtual Machine Garbage Collection Tuning, Oracle Corporation. (2010)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b959fb6f-e1c9-4527-bdd5-b703f2d1532c"><ac:parameter ac:name="">OWASP 05</ac:parameter></ac:structured-macro>
[OWASP 2005] A Guide to Building Secure Web Applications and Web Services. The Open Web Application Security Project. (2005)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17c25ee9-f595-4930-b941-cf01e5640504"><ac:parameter ac:name="">OWASP 07</ac:parameter></ac:structured-macro>
[OWASP 2007] OWASP TOP 10 FOR JAVA EE. The Open Web Application Security Project. (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8bcf1173-2bb5-4614-8e41-a9ca218e934c"><ac:parameter ac:name="">OWASP 08</ac:parameter></ac:structured-macro>
[OWASP 2008] OWASP. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fa033c57-296f-4fb6-8988-a6a22730bda7"><ac:parameter ac:name="">Permissions 08</ac:parameter></ac:structured-macro>
[Permissions 2008] Permissions in the Java⢠SE 6 Development Kit (JDK), Sun Microsystems, Inc. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d8f96f1c-2d74-4fe5-a637-8e44a8baad22"><ac:parameter ac:name="">Philion 03</ac:parameter></ac:structured-macro>
[Philion 2003] Beware the dangers of generic Exceptions, by Paul Philion, JavaWorld.com. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6fede288-b5fb-4caf-8c9e-10897c7524f0"><ac:parameter ac:name="">Phillips 05</ac:parameter></ac:structured-macro>
[Phillips 2005] Are We Counting Bytes Yet? at the 27th Internationalization and Unicode Conference, by by Addison P. Phillips. webMethods, Inc. (2005)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2daabf0-e548-47a3-a3d5-a0037db06c21"><ac:parameter ac:name="">Pistoia 04</ac:parameter></ac:structured-macro>
[Pistoia 2004] Enterprise Java Security: Building Secure J2EE Applications, by Marco Pistoia, Nataraj Nagaratnam, Larry Koved and Anthony Nadalin. Addison Wesley. (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c575e0ba-393a-4efa-97f1-01fdb99776f0"><ac:parameter ac:name="">Policy 02</ac:parameter></ac:structured-macro>
[Policy 2002] Default Policy Implementation and Policy File Syntax, Document revision 1.6, Sun Microsystems, Inc. (2002)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a31afb3d-afac-4b99-bef6-ed003ad7e01b"><ac:parameter ac:name="">Pugh 04</ac:parameter></ac:structured-macro>
[Pugh 2004] The Java Memory Model (discussions reference) by William Pugh, Univ. of Maryland. (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3e46dd6b-8604-413d-b46d-d6c2432f4c61"><ac:parameter ac:name="">Pugh 08</ac:parameter></ac:structured-macro>
[Pugh 2008] Defective Java Code: Turning WTF Code into a Learning Experience, by William Pugh, Univ. of Maryland. JavaOne Conference. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="689dbb55-3080-4903-9a9a-3cae3d1269df"><ac:parameter ac:name="">Pugh 09</ac:parameter></ac:structured-macro>
[Pugh 2009] Defective Java Code: Mistakes That Matter, by William Pugh, Univ. of Maryland. JavaOne Conference. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f8ee68f1-423e-4d2b-baa9-a74e10d17fb9"><ac:parameter ac:name="">Reasoning 03</ac:parameter></ac:structured-macro>
[Reasoning 2003] Reasoning Inspection Service Defect Data Tomcat v 1.4.24, Reasoning. 14 Nov 2003. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="75320790-c5ed-49e0-bd2b-a4f3cfa7f9ef"><ac:parameter ac:name="">Reflect 06</ac:parameter></ac:structured-macro>
[Reflect 2006] Reflection, Sun Microsystems, Inc. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2dd1e031-92ad-40a1-a105-4f259bd6abe8"><ac:parameter ac:name="">Rogue 00</ac:parameter></ac:structured-macro>
[Rogue 2000] The Elements of Java Style, by Vermeulen, Ambler, Metz, Misfeldt, Shur, and Thompson. Cambridge University Press (2000)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0186c101-f86e-41c8-9465-162df804998e"><ac:parameter ac:name="">Rotem 08</ac:parameter></ac:structured-macro>
[Rotem 2008] Fallacies of Distributed Computing Explained, by Arnon Rotem-Gal-Oz. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="17dc9913-4f47-4c82-9076-7f1b050ed9f7"><ac:parameter ac:name="">Roubtsov 03</ac:parameter></ac:structured-macro>
[Roubtsov 2003] Breaking Java exception-handling rules is easy, by Vladimir Roubtsov, JavaWorld.com. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c28ffea0-c47f-4cf0-bf07-04d9be08ac53"><ac:parameter ac:name="">Roubtsov 03b</ac:parameter></ac:structured-macro>
[Roubtsov 2003b] Into the mist of serialization myths, by Vladimir Roubtsov, JavaWorld.com. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8ff36493-80e9-47be-8b2b-ebf821dd6235"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro>
[Saltzer 1974] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. Communications of the ACM 17, 7 (July 1974): 388---402.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="194f3003-aa41-4d96-b087-b810ade5af7d"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro>
[Saltzer 1975] Saltzer, J. H., & Schroeder, M. D. "The Protection of Information in Computer Systems." Proceedings of the IEEE 63, 9 (September 1975): 1278-1308.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="39155571-e196-4df3-b6c3-683df8366da9"><ac:parameter ac:name="">SCG 07</ac:parameter></ac:structured-macro>
[SCG 2007] Secure Coding Guidelines for the Java Programming Language, version 2.0, Sun Microsystems, Inc. (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c72ed906-06e6-44d6-b8bb-e340be5f1df7"><ac:parameter ac:name="">SCG 09</ac:parameter></ac:structured-macro>
[SCG 2009] Secure Coding Guidelines for the Java Programming Language, version 3.0, Sun Microsystems, Inc. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8ceecbea-eeda-4626-8988-85bad6dc00b2"><ac:parameter ac:name="">Schildt 07</ac:parameter></ac:structured-macro>
[Schildt 2007] Herb Schildt's Java Programming Cookbook, Herb Schildt, McGraw-Hill (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c6f80d0e-e296-44b2-9834-cbed2c146e0c"><ac:parameter ac:name="">Schneier 00</ac:parameter></ac:structured-macro>
[Schneier 2000] Secrets and Lies---Digital Security in a Networked World , by Bruce Schneier. ISBN 0-471-25311-1, John Wiley and Sons. (2000)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="61d4dc4e-d53e-4859-a3a8-d8331d015b30"><ac:parameter ac:name="">Schoenefeld 04</ac:parameter></ac:structured-macro>
[Schoenefeld 2004] Java Vulnerabilities in Opera 7.54 BUGTRAQ Mailing List (bugtraq@securityfocus.com), Nov 2004. (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10fd4612-bb23-44b6-98a1-b5831f0a5ba2"><ac:parameter ac:name="">Schwarz 04</ac:parameter></ac:structured-macro>
[Schwarz 2004] Avoiding Checked Exceptions, by Don Schwarz, ONJava (2004)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1ee1400a-6d9b-49ad-a8bc-b46553b1eb39"><ac:parameter ac:name="">Schweisguth 03</ac:parameter></ac:structured-macro>
[Schweisguth 2003] Java Tip 134: When catching exceptions, don't cast your net too wide, by Dave Schweisguth. Javaworld.com. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f2adcf4-0bba-467c-a19a-07bf8d34eba2"><ac:parameter ac:name="">SDN 08</ac:parameter></ac:structured-macro>
[SDN 2008] SUN Developer Network, Sun Microsystems, Inc. (1994-2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b35a1814-36a3-44d9-8e22-f55e644accaf"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>
[Seacord 2005] Seacord, Robert C. Secure Coding in C and C++. Boston, MA: Addison-Wesley. (2005)
See http://www.cert.org/books/secure-coding for news and errata.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="05e7ac70-252d-418a-85f0-22c8cb55d57c"><ac:parameter ac:name="">SecArch 06</ac:parameter></ac:structured-macro>
[SecArch 2006] Java 2 Platform Security Architecture, Sun Microsystems, Inc. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e1e64e24-c59e-4aa4-b8dd-72d87a569918"><ac:parameter ac:name="">Security 06</ac:parameter></ac:structured-macro>
[Security 2006] Java Security Guides, Sun Microsystems, Inc. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1ca0fd5-8259-44eb-afe7-23d6eef30173"><ac:parameter ac:name="">SecuritySpec 08</ac:parameter></ac:structured-macro>
[SecuritySpec 2008] http://java.sun.com/j2se/1.5.0/docs/guide/security/spec/security-specTOC.fm.html, Sun Microsystems, Inc. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="482ffc40-0336-4915-8fe9-3ee2e281394b"><ac:parameter ac:name="">Sen 07</ac:parameter></ac:structured-macro>
[Sen 2007] Avoid the dangers of XPath injection, by Robi Sen, IBM developerWorks. (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1d426ab-da8d-4a40-a148-7aeda1313049"><ac:parameter ac:name="">Steel 05</ac:parameter></ac:structured-macro>
[Steel 2005] Core Security Patterns: Best Practices and Strategies for J2EEâ¢, Web Services, and Identity Management, by Christopher Steel, Ramesh Nagappan and Ray Lai. Prentice Hall PTR / Sun Microsystems, Inc. (2005)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8eda5d5e-0ff5-4a8b-ad55-6c68a3fcc709"><ac:parameter ac:name="">Steele 1977</ac:parameter></ac:structured-macro>
[Steele 1977] Steele, G. L. "Arithmetic shifting considered harmful." SIGPLAN Not. 12, 11 (November 1977), 61-69.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f979572a-9240-48c7-8e8c-811cce26d083"><ac:parameter ac:name="">Steinberg 05</ac:parameter></ac:structured-macro>
[Steinberg 2005] Java Developer Connection Tech Tips "Using the Varargs Language Feature", Daniel H. Steinberg, January 4, 2005. (2005)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e7a86f4e-4aae-4b9b-b309-858f11b4c127"><ac:parameter ac:name="">Sterbenz 06</ac:parameter></ac:structured-macro>
[Sterbenz 2006] Secure Coding Antipatterns: Avoiding Vulnerabilities, by Andreas Sterbenz and Charlie Lai, Sun Microsystems. JavaOne Conference. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d06f4e2e-361a-4001-b0a4-3ca82dd53de1"><ac:parameter ac:name="">Steuck 02</ac:parameter></ac:structured-macro>
[Steuck 2002] XXE (Xml eXternal Entity) attack, by Gregory Steuck (www.securityfocus.com). (2002)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eca1a362-696e-4382-8ac1-34982212e1d7"><ac:parameter ac:name="">Sun 04</ac:parameter></ac:structured-macro>
[Sun 1999] Why Are Thread.stop, Thread.suspend, Thread.resume and Runtime.runFinalizersOnExit Deprecated?, Sun Microsystems, Inc. (1999)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="68b59162-8590-44e7-b98a-ece805c87f9f"><ac:parameter ac:name="">Sun 03</ac:parameter></ac:structured-macro>
[Sun 2003] Sun ONE Application Server 7 Performance Tuning Guide, Sun Microsystems, Inc. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="36af3198-1366-415b-9c72-8efd58b75a05"><ac:parameter ac:name="">Sun 06</ac:parameter></ac:structured-macro>
[Sun 2006] Java⢠Platform, Standard Edition 6 documentation, Sun Microsystems, Inc. (2006)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d3e47f24-b05c-4849-a569-167295f04b4f"><ac:parameter ac:name="">Sun 08</ac:parameter></ac:structured-macro>
[Sun 2008] Java⢠Plug-in and Applet Architecture, Sun Microsystems, Inc. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="035be420-c917-4e0a-9a81-59b9d81f1bee"><ac:parameter ac:name="">Sutherland 10</ac:parameter></ac:structured-macro>
[Sutherland 2010] Composable thread coloring, by Dean F. Sutherland and William L. Scherlis. Principles and Practice of Parallel Programming, Proceedings of the 15th ACM SIGPLAN symposium on Principles and practice of parallel programming. (2010)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f4df9da-8c5c-43f7-b5f8-e483970aa574"><ac:parameter ac:name=""> Tanenbaum 03</ac:parameter></ac:structured-macro>
[Tanenbaum 2003] Andrew S. Tanenbaum, Maarten Van Steen. Distributed Systems: Principles and Paradigms, 2/E. March, 2003. ISBN-10: 0132392275.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fee2cfc9-940e-4083-ab4c-9f3541d4d1ea"><ac:parameter ac:name="">Techtalk 07</ac:parameter></ac:structured-macro>
[Techtalk 2007] The PhantomReference Menace. Attack of the Clone. Revenge of the Shift., by Josh Bloch and William Pugh, JavaOne Conference. (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="71847a55-b29a-4d1a-acf2-e66e19f51e84"><ac:parameter ac:name="">Tomcat 09</ac:parameter></ac:structured-macro>
[Tomcat 2009] Tomcat documentation, Changelog and Security fixes, the Apache Software Foundation. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="949868e4-743a-4b16-8f12-7a420532052f"><ac:parameter ac:name="">Tools 11</ac:parameter></ac:structured-macro>
[Tools 2011] JDK Tools and Utilities Specification, Oracle Inc. (2011)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="333e4593-4783-4c03-b8cc-ad48843a588e"><ac:parameter ac:name="">Tutorials 08</ac:parameter></ac:structured-macro>
[Tutorials 2008] The Java Tutorials, Sun Microsystems, Inc. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c347811-ddec-4db4-9ae7-fbfff8ba6d15"><ac:parameter ac:name="">Unicode 09</ac:parameter></ac:structured-macro>
[Unicode 2009] The Unicode Consortium. The Unicode Standard, Version 5.2.0, defined by: The Unicode Standard, Version 5.2, Mountain View, CA: The Unicode Consortium. ISBN 978-1-936213-00-9. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c94af2ca-dc81-43c3-a324-b9dc97c3a43e"><ac:parameter ac:name="">Venners 97</ac:parameter></ac:structured-macro>
[Venners 1997] Security and the class loader architecture Java World.com, by Bill Venners. (1997)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="18382c99-cb8f-48e5-8601-8b563f15cb04"><ac:parameter ac:name="">Venners 03</ac:parameter></ac:structured-macro>
[Venners 2003] Failure and Exceptions, A Conversation with James Gosling, Part II, by Bill Venners. Artima.com. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0a3e6eb0-9967-4436-9c4c-3d7d80d4cc67"><ac:parameter ac:name="">W3C 08</ac:parameter></ac:structured-macro>
[W3C 2008] Extensible Markup Language (XML) 1.0 (Fifth Edition), W3C Recommendation, by Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Eve Maler and François Yergeau. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="58b61fa5-0e57-4508-a821-d295fe0558cd"><ac:parameter ac:name="">Ware 08</ac:parameter></ac:structured-macro>
[Ware 2008] Writing Secure Java Code:A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools, Michael S. Ware. (2008)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50fd56e5-1b0b-41e3-ac1a-faadda4a0d90"><ac:parameter ac:name="">Weber 09</ac:parameter></ac:structured-macro>
[Weber 2009] Exploiting Unicode-enabled Software, by Chris Weber, Casaba Security. CanSecWest March 2009. (2009)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="96856f9e-7d21-46a8-88ed-faed3e50f06a"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro>
[Wheeler 2003] Secure Programming for Linux and Unix HOWTO, David A. Wheeler. (2003)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="31a72731-b89b-4e31-a839-b1af1606631c"><ac:parameter ac:name="">Zukowski 04</ac:parameter></ac:structured-macro>
[Zukowski 2004] Java Developer Connection Tech Tips "Creating Custom Security Permissions", John Zukowski, May 18, 2004. (2004)