\[Abadi 96\] Prudent Engineering Practice for Cryptographic Protocols, by Martin Abadi and Roger Needham, IEEE Transactions on Software Engineering Volume 22, Issue 1, Jan 1996 Page(s):6 - 15. (1996)

\[API 06\] [Java Platform, Standard Edition 6 API Specification|http://java.sun.com/javase/6/docs/api/], Sun Microsystems, Inc. (2006)

\[Austin 00\] [Advanced Programming for the Java 2 Platform|http://java.sun.com/developer/onlineTraining/Programming/JDCBook/index.html#contents], by Calvin Austin and Monica Pawlan, Addison Wesley Longman. (2000)

\[Bea 08\] [Packaging WebLogic Server J2EE Applications|http://edocs.bea.com/wls/docs61/programming/packaging.html] (2008)

\[Bloch 01\] Effective Java, Programming Language Guide, by Joshua Bloch. Addison Wesley. (2001)

\[Bloch 05\] Javaâ„¢ Puzzlers: Traps, Pitfalls, and Corner Cases, by Joshua Bloch and Neal Gafter. Pearson Education, Inc. (2005)

\[Bloch 07\] [Effective Javaâ„¢ Reloaded: This Time It's (not) for Real|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2689.pdf], by Joshua Bloch. JavaOne Conference. (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48114b8a-3dd0-41fe-bbcd-555045b5c3f8"><ac:parameter ac:name="">Bloch 08</ac:parameter></ac:structured-macro>

\[Bloch 08\] Effective Java, 2nd edition, by Joshua Bloch, Addison Wesley. (2008)

\[Bloch 09\] [Return of the Puzzlers: Schlock and Awe|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-5186.pdf], by Joshua Bloch, Google Inc. and Neal Gafter, Microsoft Corporation. JavaOne Conference. (2009)

\[Boehm 05\] Finalization, Threads, and the Javaâ„¢ Technology-Based Memory Model, by Hans-J. Boehm. JavaOne Conference. (2005)

\[Campione 96\] [The Java Tutorial, by Mary Campione and Kathy Walrath|http://www.telecom.ntua.gr/HTML.Tutorials/index.html] (1996)

\[CCITT 88\] CCITT. CCITT Blue Book, Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework. Geneva.  (1988)

\[Chan 99\] The Java Class Libraries: Supplement for the Java 2 Platform, v1.2, second edition, Volume 1, by Patrick Chan, Rosanna Lee, Douglas Kramer. Prentice Hall. (1999)

\[Chess 07\] Secure Programming with Static Analysis, by Brian Chess and Jacob West. Addison-Wesley Professional. (2007)

\[Christudas 05\] [Internals of Java Class Loading|http://www.onjava.com/pub/a/onjava/2005/01/26/classloading.html], ONJava. (2005)

\[Conventions 09\] [Code Conventions for the Java Programming Language|http://java.sun.com/docs/codeconv/]. Sun Microsystems, Inc. (2009)

\[CVE 08\] Common Vulnerability Exposure, MITRE Corporation. (2008)

\[Coomes 07\] [Garbage Collection-Friendly Programming|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2906.pdf] by John Coomes, Peter Kessler, Tony Printezis. Java SE Garbage Collection Group Sun Microsystems, Inc. JavaOne Conference. (2007)

\[Core Java 04\] Core Javaâ„¢ 2 Volume I - Fundamentals, Seventh Edition by Cay S. Horstmann, Gary Cornell. Prentice Hall PTR. (2004)

\[Cunningham 95\] "The CHECKS Pattern Language of Information Integrity", Pattern Languages of Program Design, by Ward Cunningham, edited by James O Coplien and Douglas C Schmidt. Addison-Wesley. (1995)

\[Daconta 00\] [When Runtime.exec() won't|http://www.javaworld.com/javaworld/jw-12-2000/jw-1229-traps.html], by Michael C. Daconta, JavaWorld.com.  (2000)

\[Daconta 03\] More Java Pitfalls, by Michael C. Daconta, Kevin T. Smith, Donald Avondolio and W. Clay Richardson. Wiley Publishing Inc. (2003)

\[Dormann 08\] [Signed Java Applet Security: Worse than ActiveX?|http://www.cert.org/blogs/vuls/2008/06/signed_java_security_worse_tha.html], by Will Dormann. CERT Vulnerability Analysis Blog. (2008)

\[Darwin 04\] Java Cookbook, by Ian F. Darwin (2004)

\[Doshi 03\] [Best Practices for Exception Handling|http://www.onjava.com/pub/a/onjava/2003/11/19/exceptions.html] by Gunjan Doshi. (2003)

\[Eclipse 08\] The Eclipse Platform (2008)

\[Encodings 06\] [Supported Encodings|http://java.sun.com/javase/6/docs/technotes/guides/intl/encoding.doc.html], Sun Microsystems, Inc. (2006)

\[Enterprise 03\] Java Enterprise Best Practices, by the O'Reilly Java Authors. O'Reilly. (2003)

\[ESA 05\] [Java Coding Standards|ftp://ftp.estec.esa.nl/pub/wm/wme/bssc/Java-Coding-Standards-20050303-releaseA.pdf], prepared by: European Space Agency (ESA) Board for Software Standardisation and Control (BSSC). (2005)

\[FindBugs 08\] [FindBugs Bug Descriptions|http://findbugs.sourceforge.net/bugDescriptions.html] (2008)

\[Fisher 03\] JDBC API Tutorial and Reference, 3rd edition, by Maydene Fisher, Jon Ellis, and Jonathan Bruce, Prentice Hall, The Java Series. (2003)

\[Flanagan 05\] Java in a Nutshell, 5th edition, by David Flanagan, O'Reilly Media, Inc. (2005)

\[Fortify 08\] [A Taxonomy of Coding Errors that Affect Security|http://www.fortify.com/vulncat/en/vulncat/index.html] Java/JSP, Fortify Software. (2008)

\[Fox 01\] When is a Singleton not a Singleton?, by Joshua Fox, Sun Developer Network (SDN) (2001)

\[FT 08\] [Function Table|http://www.stylusstudio.com/api/xalan-j_2_6_0/org/apache/xpath/compiler/FunctionTable.htm] Class FunctionTable, Field detail, public static FuncLoader m_functions. (2008)

\[Gamma 95\] Design Patterns: Elements of Reusable Object-Oriented Software, by Erich Gamma, Richard Helm, Ralph Johnson, John M. Vlissides. Addison-Wesley Professional Computing Series. (1995)

\[Garms 01\] Professional Java Security, by Jess Garms and Daniel Somerfield. Wrox Press Ltd. (2001)

\[Goetz 02\] [Java theory and practice: Don't let the "this" reference escape during construction|http://www.ibm.com/developerworks/java/library/j-jtp0618.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2002)

\[Goetz 04\] [Java theory and practice: Garbage collection and performance|http://www.ibm.com/developerworks/java/library/j-jtp01274.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2004)

\[Goetz 04b\] [Java theory and practice: The exceptions debate: To check, or not to check?|http://www.ibm.com/developerworks/library/j-jtp05254.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2004)

\[Goetz 05\] [Java theory and practice: Be a good (event) listener, Guidelines for writing and supporting event listeners|http://www.ibm.com/developerworks/java/library/j-jtp07265/index.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2005)

\[Goetz 05b\] [Java theory and practice: Plugging memory leaks with weak references|http://www.ibm.com/developerworks/java/library/j-jtp11225/], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2005)

\[Goetz 06\] Java Concurrency in Practice, by Brian Goetz, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, Doug Lea. Addison Wesley Professional. (2006)

\[Goetz 06b\] [Java theory and practice: Good housekeeping practices|http://www.ibm.com/developerworks/java/library/j-jtp03216.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2006)

\[Goldberg 91\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, Inc. March 1991. (1991)

\[Gong 03\] Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd edition, by Li Gong, Gary Ellison, and Mary Dageforde. Prentice Hall, The Java Series. (2003)

\[Greanier 00\] [Discover the secrets of the Java Serialization API|http://java.sun.com/developer/technicalArticles/Programming/serialization/], by Todd Greanier, Sun Developer Network (SDN). (2000)

\[Green 08\] [Canadian Mind Products Java & Internet Glossary|http://mindprod.com/jgloss/jgloss.html] by Roedy Green. (2008)

\[Grosso 01\] [Java RMI|http://oreilly.com/catalog/javarmi/chapter/ch10.html], by William Grosso. O'Reilly. (2001)

\[Gupta 05\] [Java memory leaks - Catch me if you can|http://www.ibm.com/developerworks/rational/library/05/0816_GuptaPalanki/], by Satish Chandra Gupta and Rajeev Palanki. (2005)

\[Haack 06\] [Immutable Objects in Java|https://pms.cs.ru.nl/iris-diglib/src/getContent.php?id=2006-Haack-ObjectsImmutable], by Christian Haack, Erik Poll, Jan Schafer and Aleksy Schubert. (2006)

\[Haggar 00\] Practical Javaâ„¢ Programming Language Guide, by Peter Haggar. Addison-Wesley Professional. (2000)

\[Halloway 00\] Java Developer Connection Tech Tips, March 28, 2000, by Stuart Halloway.

\[Halloway 01\] [Java Developer Connection Tech Tips|http://web.mit.edu/java/JDCNewsletter/JDC-TECH1-01b], January 30, 2001, by Stuart Halloway.

\[Harold 97\] Java Secrets by Elliotte Rusty Harold. Wiley. (1997)

\[Harold 99\] Java I/O, by Elliotte Rusty Harold. O'REILLY. (1999)

\[Harold 06\] Java I/O, by Elliotte Rusty Harold (2nd Edition). O'Reilley. (2006)

\[Hawtin 08\] [Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities|http://www.makeitfly.co.uk/Presentations/london-securecoding.pdf] by Thomas Hawtin, Sun Microsystems, Inc. Make it Fly 2008, London. (2008)

\[Henney 03\] [Null Object, Something for Nothing|http://www.two-sdg.demon.co.uk/curbralan/papers/europlop/NullObject.pdf], by Kevlin Henney (2003)

\[Henry 86\] Using prototypical objects to implement shared behavior in object-oriented systems. In: Conference proceedings on Object-oriented programming systems, languages and applications. Portland 1986, p. 214-223 ISSN 0362-1340, by Henry Lieberman, Massachusetts Institute of Technology. (1986) 

\[Hitchens 02\] Javaâ„¢ NIO, by Ron Hitchens. O'Reilly. (2002) 

\[Hovemeyer 07\] Finding more null pointer bugs, but not too many, by David Hovemeyer and William Pugh. Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. (2007)

\[Hunt 98\] Java's reliability: an analysis of software defects in Java, by J. Hunt and F. Long. Software IEE Proceedings. (1998)

\[J2SE 00\] JavaTM 2 SDK, Standard Edition Documentation, Sun Microsystems, Inc. [J2SE Documentation version 1.3|http://java.sun.com/j2se/1.3/docs/guide/], Sun Microsystems, Inc. (2000)

\[JarSpec 08\] J2SE Documentation version 1.5, [Jar File Specification|http://java.sun.com/j2se/1.5.0/docs/guide/jar/jar.html], Sun Microsystems, Inc.  (2000)

\[Java 06\] [java - the Java application launcher|http://java.sun.com/javase/6/docs/technotes/tools/windows/java.html], Sun Microsystems, Inc. (2006)

\[Java2NS 99\] Java 2 Network Security, by Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, Ashok K. Ramani. IBM Corporation. (1999)

\[JavaGenerics 04\] \[[http://java.sun.com/j2se/1.5.0/docs/guide/language/generics.html]\], Sun Microsystems, Inc. (2004)

\[JavaThreads 99\] Java Threads (2nd Edition) by, Scott Oaks and Henry Wong. O'REILLY. (1999)

\[JavaThreads 04\] Java Threads (3rd Edition) by, Scott Oaks and Henry Wong. O'REILLY. (2004)

\[JDK7 08\] [Javaâ„¢ Platform, Standard Edition 7 documentation|http://download.java.net/jdk7/docs/], Sun Microsystems, Inc., 19 Dec 2008. (2008)

\[JLS 05\] Java Language Specification, 3rd edition. by James Gosling, Bill Joy, Guy Steele, and Gilad Bracha. Prentice Hall, The Java Series. [The Java Language Specification.|http://java.sun.com/docs/books/jls/index.html] (2005)

\[JPL 05\] The Javaâ„¢ Programming Language, Fourth Edition, by Ken Arnold, James Gosling, David Holmes. Addison Wesley Professional. (2005)

\[JMX 06\] [Monitoring and Management for the Java Platform|http://java.sun.com/javase/6/docs/technotes/guides/management/index.html], Sun Microsystems, Inc. (2006)

\[JMXG 06\] [Java SE Monitoring and Management Guide|http://java.sun.com/javase/6/docs/technotes/guides/management/toc.html], Sun Microsystems, Inc. (2006)

\[JNI 06\] [Java Native Interface|http://java.sun.com/javase/6/docs/technotes/guides/jni/index.html], Sun Microsystems, Inc. (2006)

\[JPDA 04\] [Java Platform Debugger Architecture (JPDA)|http://java.sun.com/javase/6/docs/technotes/guides/jpda/index.html], Sun Microsystems, Inc. (2004)

\[JVMTI 06\] [Java Virtual Machine Tool Interface (JVM TI)|http://java.sun.com/javase/6/docs/technotes/guides/jvmti/index.html], Sun Microsystems, Inc. (2006)

\[JVMSpec 99\] [The Java Virtual Machine Specification|http://java.sun.com/docs/books/jvms/], Sun Microsystems, Inc. (1999)

\[Kabanov 09\] [The Ultimate Java Puzzler|http://dow.ngra.de/2009/02/16/the-ultimate-java-puzzler/] by Jevgeni Kabanov, Core developer of JavaRebel. February 16th, 2009. (2009)

\[Kabutz 01\] The Java Specialists' Newsletter, by Dr. Heinz M. Kabutz. (2001)

\[Kalinovsky 04\] Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering, by Alex Kalinovsky. SAMS Publishing.  (2004)

\[Knoernschild 01\]  Javaâ„¢ Design: Objects, UML, and Process, by Kirk Knoernschild. Addison-Wesley Professional. (2001)

\[Lai 08\] [Java Insecurity: Accounting for Subtleties That Can Compromise Code, by Charlie Lai, Sun Microsystems|http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4420062] (2008)

\[Langer 08\] [http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html|http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html], Angelica Langer. (2008)

\[Lea 00\] Concurrent Programming in Java, 2nd edition, by Doug Lea. Addison Wesley, Sun Microsystems, Inc. (2000)

\[Lea 00b\] [Correct and Efficient Synchronization of Javaâ„¢ Technology based Threads|http://www.cs.umd.edu/~pugh/java/memoryModel/TS-754.pdf], by Doug Lea and William Pugh. JavaOne Conference. (2000)

\[Lee 09\] [Robust and Scalable Concurrent Programming: Lessons from the Trenches|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4620.pdf], by Sangjin Lee, Mahesh Somani, & Debashis Saha, eBay Inc. JavaOne Conference. (2009)

\[Liang 97\] The Javaâ„¢ Native Interface, Programmer's Guide and Specification, by Sheng Liang. ADDISON-WESLEY. (1997)

\[Liang 98\] [Dynamic Class Loading in the Javaâ„¢  Virtual Machine|http://portal.acm.org/citation.cfm?doid=286936.286945], by Sheng Liang and Gilad Bracha. Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications. (1998)

\[Long 05\] [Software Vulnerabilities in Java|http://www.sei.cmu.edu/publications/documents/05.reports/05tn044.html], by Fred Long, CMU/SEI-2005-TN-044. (2005)

\[Lo 05\] [Security Issues in Garbage Collection|http://www.stsc.hill.af.mil/crosstalk/2005/10/0510DanLo.html], by Dr. Chia-Tien Dan Lo, University of Texas at San Antonio, Dr. Witawas Srisa-an, University of Nebraska at Lincoln, Dr. J. Morris Chang, Iowa State University. STSC Crosstalk, October 2005 issue. (2005)

\[Low 97\] [Protecting Java Code via Obfuscation|http://www.cs.arizona.edu/~collberg/Research/Students/DouglasLow/obfuscation.html], by Douglas Low. (1997)

\[Macgregor 98\] Java Network Security, by Robert Macgregor, Dave Durbin, John Owlett and Andrew Yeomans. Prentice Hall. (1998)

\[Martin 96\] [Granularity|http://www.objectmentor.com/resources/articles/granularity.pdf], by Robert C. Martin. (1996)

\[McCluskey 01\] Java Developer Connection Tech Tips, by Glen McCluskey, April 10, 2001. (2001)

\[McGraw 00\] Securing Java, Getting Down to Business with Mobile Code, by Gary McGraw and Edward W. Felten. Wiley. (1999)

\[Mcgraw 98\] [Twelve rules for developing more secure Java code|http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules.html], Gary Mcgraw and Edward Felten, JavaWorld.com. (1998)

\[Miller 09\] [Javaâ„¢ Platform Concurrency Gotchas|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4863.pdf], by Alex Miller, Terracotta. JavaOne Conference. (2009)

\[MITRE 09\] [Common Weakness Enumeration|http://cwe.mitre.org/], MITRE Corporation. (2009)

\[Mocha 07\] [Mocha, the Java Decompiler|http://www.brouhaha.com/~eric/software/mocha/] (2007)

\[Monsch 06\] [Ruining Security with java.util.Random|http://www.iplosion.com/papers/ruining_security_with_java.util.random_v1.0.p] Version 1.0, by Jan P. Monsch. (2006)

\[MSDN 09\] [Using SQL Escape Sequences|http://msdn.microsoft.com/en-us/library/ms378045(SQL.90).aspx], Microsoft Corporation. (2009)

\[Muchow 01\] [MIDlet Packaging with J2ME|http://www.onjava.com/pub/a/onjava/2001/04/26/midlet.html], by John W. Muchow (2001)

\[Müller 02\] [Exception Handling: Common Problems and Best Practice with Java 1.4|http://www.old.netobjectdays.org/pdf/02/papers/industry/1430.pdf] by Dr. Andreas Müller and Geoffrey Simmons, Sun Microsystems GmbH. (2002)

\[Naftalin 06\] Java Generics and Collections, Maurice Naftalin and  Philip Wadler, O'Reilly (2006)

\[Naftalin 06b\] [Javaâ„¢ Generics and Collections: Tools for Productivity|http://gceclub.sun.com.cn/java_one_online/2007/pdf/TS-2890.pdf], by Maurice Naftalin, Morningside Light Ltd, Philip Wadler, University of Edinburgh. JavaOne Conference (2007)

\[Neward 04\] Effective Enterprise Java, by Ted Neward. Addison Wesley Professional. (2004)

\[Nisewanger 07\] [Avoiding Antipatterns, by Jeff Nisewanger, JavaOne Conference|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2594.pdf] (2007)

\[Nolan 04\] Decompiling Java, by Godfrey Nolan, [Apress|http://www.apress.com/]. (2004)

\[Oaks 01\] Java Security, by Scott Oaks. O'REILLY. (2001)

\[OWASP 05\] [A Guide to Building Secure Web Applications and Web Services|http://internap.dl.sourceforge.net/sourceforge/owasp/OWASPGuide2.0.1.pdf]. The Open Web Application Security Project. (2005)

\[OWASP 08\] [OWASP|http://www.owasp.org/index.php/Main_Page]. (2008)

\[Patterns 02\] Patterns in Java, Volume 1, Second Edition, by Mark Grand. Wiley. (2002)

\[Permissions 08\] [Permissions in the Javaâ„¢ SE 6 Development Kit (JDK)|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html], Sun Microsystems, Inc. (2008)

\[Philion 03\] [Beware the dangers of generic Exceptions|http://www.javaworld.com/javaworld/jw-10-2003/jw-1003-generics.html?page=2#sidebar1], by Paul Philion, JavaWorld.com. (2003)

\[Phillips 05\] [Are We Counting Bytes Yet?|http://www.inter-locale.com/whitepaper/IUC27-a303.html] at the 27th Internationalization and Unicode Conference, by by Addison P. Phillips. webMethods, Inc. (2005)

\[Pistoia 04\] Enterprise Java Security: Building Secure J2EE Applications, by Marco Pistoia, Nataraj Nagaratnam, Larry Koved and Anthony Nadalin. Addison Wesley. (2004)

\[Policy 02\] [Default Policy Implementation and Policy File Syntax|http://java.sun.com/javase/6/docs/technotes/guides/security/PolicyFiles.html], Document revision 1.6, Sun Microsystems, Inc. (2002)

\[Pugh 08\] [Defective Java Code: Turning WTF Code into a Learning Experience|http://developers.sun.com/learning/javaoneonline/2008/pdf/TS-6589.pdf?cid=925745], by William Pugh, Univ. of Maryland. JavaOne Conference. (2008)

\[Pugh 09\] [Defective Java Code: Mistakes That Matter|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-5335.pdf], by William Pugh, Univ. of Maryland. JavaOne Conference. (2009)

\[Reasoning 03\] [Reasoning Inspection Service Defect Data Tomcat v 1.4.24|http://www.reasoning.com/pdf/Tomcat_Defect_Report.pdf], Reasoning. 14 Nov 2003. (2003)

\[Reflect 06\] [Reflection|http://java.sun.com/javase/6/docs/technotes/guides/reflection/index.html], Sun Microsystems, Inc. (2006)

\[Rotem 08\] [Fallacies of Distributed Computing Explained|http://www.rgoarchitects.com/Files/fallacies.pdf], by Arnon Rotem-Gal-Oz. (2008)

\[Roubtsov 03\] [Breaking Java exception-handling rules is easy|http://www.javaworld.com/javaworld/javaqa/2003-02/02-qa-0228-evilthrow.html], by Vladimir Roubtsov, JavaWorld.com.  (2003)

\[Roubtsov 03b\] [Into the mist of serialization myths|http://www.javaworld.com/javaworld/javaqa/2003-06/02-qa-0627-mythser.html?page=1], by Vladimir Roubtsov, JavaWorld.com.  (2003)

\[Schneier 00\] Secrets and Lies—Digital Security in a Networked World , by Bruce Schneier. ISBN 0-471-25311-1, John Wiley and Sons. (2000)

\[SCG 07\] [Secure Coding Guidelines for the Java Programming Language, version 2.0|http://java.sun.com/security/seccodeguide.html], Sun Microsystems, Inc. (2007)

\[Schildt 07\] Herb Schildt's Java Programming Cookbook, Herb Schildt, McGraw-Hill (2007)

\[Schwarz 04\] [Avoiding Checked Exceptions|http://www.oreillynet.com/onjava/blog/2004/09/avoiding_checked_exceptions.html], by Don Schwarz, ONJava (2004)

\[Schoenefeld 04\] Java Vulnerabilities in Opera 7.54  BUGTRAQ Mailing List (bugtraq@securityfocus.com), Nov 2004. (2004)

\[Schweisguth 03\] [Java Tip 134: When catching exceptions, don't cast your net too wide|http://www.javaworld.com/javaworld/javatips/jw-javatip134.html?page=2], by  Dave Schweisguth. Javaworld.com. (2003)

\[Seacord 05\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley. (2005)

\[SecArch 06\] [Java 2 Platform Security Architecture|http://java.sun.com/javase/6/docs/technotes/guides/security/spec/security-spec.doc.html], Sun Microsystems, Inc. (2006)

\[Security 06\] [Java Security Guides|http://java.sun.com/javase/6/docs/technotes/guides/security/], Sun Microsystems, Inc. (2006)

\[SecuritySpec 08\] [http://java.sun.com/j2se/1.5.0/docs/guide/security/spec/security-specTOC.fm.html], Sun Microsystems, Inc. (2008)

\[Steel 05\] Core Security Patterns: Best Practices and Strategies for J2EEâ„¢, Web Services, and Identity Management, by Christopher Steel, Ramesh Nagappan and Ray Lai. Prentice Hall PTR / Sun Microsystems, Inc. (2005)

\[SDN 08\] [SUN Developer Network|http://developers.sun.com/], Sun Microsystems, Inc. (1994-2008)

\[Sen 07\] [Avoid the dangers of XPath injection|http://www.ibm.com/developerworks/xml/library/x-xpathinjection.html], by Robi Sen, IBM developerWorks. (2007)

\[Steinberg 05\] [Java Developer Connection Tech Tips "Using the Varargs Language Feature"|http://java.sun.com/developer/JDCTechTips/2005/tt0104.html], Daniel H. Steinberg, January 4, 2005. (2005)

\[Sun 03\] [Sun ONE Application Server 7 Performance Tuning Guide|http://docs.sun.com/source/817-2180-10/], Sun Microsystems, Inc. (2003)

\[Sun 06\] [Javaâ„¢ Platform, Standard Edition 6 documentation|http://java.sun.com/javase/6/docs/index.html], Sun Microsystems, Inc. (2006)

\[Techtalk 07\] [The PhantomReference Menace. Attack of the Clone. Revenge of the Shift.|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2707.pdf], by Josh Bloch and William Pugh, JavaOne Conference. (2007)

\[Tutorials 08\] [The Java Tutorials|http://java.sun.com/docs/books/tutorial/index.html], Sun Microsystems, Inc. (2008)

\[Venners 03\] [Failure and Exceptions, A Conversation with James Gosling, Part II|http://www.artima.com/intv/solid.html], by Bill Venners. Artima.com. (2003)

\[Ware 08\] [Writing Secure Java Code:A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools|http://peregrin.jmu.edu/~warems/securejavacode.html], Michael S. Ware. (2008)

\[Wheeler 03\] [Secure Programming for Linux and Unix HOWTO|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html], David A. Wheeler. (2003)

\[Zukowski 04\] [Java Developer Connection Tech Tips "Creating Custom Security Permissions"|http://java.sun.com/developer/JDCTechTips/2004/tt0518.html#2], John Zukowski, May 18, 2004. (2004)