\[Abadi 96\] Prudent Engineering Practice for Cryptographic Protocols, by Martin Abadi and Roger Needham, IEEE Transactions on Software Engineering Volume 22, Issue 1, Jan 1996 Page(s):6 - 15. (1996) |
\[API 06\] [Java Platform, Standard Edition 6 API Specification|http://java.sun.com/javase/6/docs/api/], Sun Microsystems, Inc. (2006) |
\[Austin 00\] [Advanced Programming for the Java 2 Platform|http://java.sun.com/developer/onlineTraining/Programming/JDCBook/index.html#contents], by Calvin Austin and Monica Pawlan, Addison Wesley Longman. (2000) |
\[Bea 08\] [Packaging WebLogic Server J2EE Applications|http://edocs.bea.com/wls/docs61/programming/packaging.html] (2008) |
\[Bloch 01\] Effective Java, Programming Language Guide, by Joshua Bloch. Addison Wesley. (2001) |
\[Bloch 05\] Java⢠Puzzlers: Traps, Pitfalls, and Corner Cases, by Joshua Bloch and Neal Gafter. Pearson Education, Inc. (2005) |
\[Bloch 07\] [Effective Java⢠Reloaded: This Time It's (not) for Real|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2689.pdf], by Joshua Bloch. JavaOne Conference. (2007) <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48114b8a-3dd0-41fe-bbcd-555045b5c3f8"><ac:parameter ac:name="">Bloch 08</ac:parameter></ac:structured-macro> |
\[Bloch 08\] Effective Java, 2nd edition, by Joshua Bloch, Addison Wesley. (2008) |
\[Bloch 09\] [Return of the Puzzlers: Schlock and Awe|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-5186.pdf], by Joshua Bloch, Google Inc. and Neal Gafter, Microsoft Corporation. JavaOne Conference. (2009) |
\[Boehm 05\] Finalization, Threads, and the Java⢠Technology-Based Memory Model, by Hans-J. Boehm. JavaOne Conference. (2005) |
\[Campione 96\] [The Java Tutorial, by Mary Campione and Kathy Walrath|http://www.telecom.ntua.gr/HTML.Tutorials/index.html] (1996) |
\[CCITT 88\] CCITT. CCITT Blue Book, Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework. Geneva. (1988) |
\[Chan 99\] The Java Class Libraries: Supplement for the Java 2 Platform, v1.2, second edition, Volume 1, by Patrick Chan, Rosanna Lee, Douglas Kramer. Prentice Hall. (1999) |
\[Chess 07\] Secure Programming with Static Analysis, by Brian Chess and Jacob West. Addison-Wesley Professional. (2007) |
\[Christudas 05\] [Internals of Java Class Loading|http://www.onjava.com/pub/a/onjava/2005/01/26/classloading.html], ONJava. (2005) |
\[Conventions 09\] [Code Conventions for the Java Programming Language|http://java.sun.com/docs/codeconv/]. Sun Microsystems, Inc. (2009) |
\[CVE 08\] Common Vulnerability Exposure, MITRE Corporation. (2008) |
\[Coomes 07\] [Garbage Collection-Friendly Programming|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2906.pdf] by John Coomes, Peter Kessler, Tony Printezis. Java SE Garbage Collection Group Sun Microsystems, Inc. JavaOne Conference. (2007) |
\[Core Java 04\] Core Java⢠2 Volume I - Fundamentals, Seventh Edition by Cay S. Horstmann, Gary Cornell. Prentice Hall PTR. (2004) |
\[Cunningham 95\] "The CHECKS Pattern Language of Information Integrity", Pattern Languages of Program Design, by Ward Cunningham, edited by James O Coplien and Douglas C Schmidt. Addison-Wesley. (1995) |
\[Daconta 00\] [When Runtime.exec() won't|http://www.javaworld.com/javaworld/jw-12-2000/jw-1229-traps.html], by Michael C. Daconta, JavaWorld.com. (2000) |
\[Daconta 03\] More Java Pitfalls, by Michael C. Daconta, Kevin T. Smith, Donald Avondolio and W. Clay Richardson. Wiley Publishing Inc. (2003) |
\[Dormann 08\] [Signed Java Applet Security: Worse than ActiveX?|http://www.cert.org/blogs/vuls/2008/06/signed_java_security_worse_tha.html], by Will Dormann. CERT Vulnerability Analysis Blog. (2008) |
\[Darwin 04\] Java Cookbook, by Ian F. Darwin (2004) |
\[Doshi 03\] [Best Practices for Exception Handling|http://www.onjava.com/pub/a/onjava/2003/11/19/exceptions.html] by Gunjan Doshi. (2003) |
\[Eclipse 08\] The Eclipse Platform (2008) |
\[Encodings 06\] [Supported Encodings|http://java.sun.com/javase/6/docs/technotes/guides/intl/encoding.doc.html], Sun Microsystems, Inc. (2006) |
\[Enterprise 03\] Java Enterprise Best Practices, by the O'Reilly Java Authors. O'Reilly. (2003) |
\[ESA 05\] [Java Coding Standards|ftp://ftp.estec.esa.nl/pub/wm/wme/bssc/Java-Coding-Standards-20050303-releaseA.pdf], prepared by: European Space Agency (ESA) Board for Software Standardisation and Control (BSSC). (2005) |
\[FindBugs 08\] [FindBugs Bug Descriptions|http://findbugs.sourceforge.net/bugDescriptions.html] (2008) |
\[Fisher 03\] JDBC API Tutorial and Reference, 3rd edition, by Maydene Fisher, Jon Ellis, and Jonathan Bruce, Prentice Hall, The Java Series. (2003) |
\[Flanagan 05\] Java in a Nutshell, 5th edition, by David Flanagan, O'Reilly Media, Inc. (2005) |
\[Fortify 08\] [A Taxonomy of Coding Errors that Affect Security|http://www.fortify.com/vulncat/en/vulncat/index.html] Java/JSP, Fortify Software. (2008) |
\[Fox 01\] When is a Singleton not a Singleton?, by Joshua Fox, Sun Developer Network (SDN) (2001) |
\[FT 08\] [Function Table|http://www.stylusstudio.com/api/xalan-j_2_6_0/org/apache/xpath/compiler/FunctionTable.htm] Class FunctionTable, Field detail, public static FuncLoader m_functions. (2008) |
\[Gamma 95\] Design Patterns: Elements of Reusable Object-Oriented Software, by Erich Gamma, Richard Helm, Ralph Johnson, John M. Vlissides. Addison-Wesley Professional Computing Series. (1995) |
\[Garms 01\] Professional Java Security, by Jess Garms and Daniel Somerfield. Wrox Press Ltd. (2001) |
\[Goetz 02\] [Java theory and practice: Don't let the "this" reference escape during construction|http://www.ibm.com/developerworks/java/library/j-jtp0618.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2002) |
\[Goetz 04\] [Java theory and practice: Garbage collection and performance|http://www.ibm.com/developerworks/java/library/j-jtp01274.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2004) |
\[Goetz 04b\] [Java theory and practice: The exceptions debate: To check, or not to check?|http://www.ibm.com/developerworks/library/j-jtp05254.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2004) |
\[Goetz 05\] [Java theory and practice: Be a good (event) listener, Guidelines for writing and supporting event listeners|http://www.ibm.com/developerworks/java/library/j-jtp07265/index.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2005) |
\[Goetz 05b\] [Java theory and practice: Plugging memory leaks with weak references|http://www.ibm.com/developerworks/java/library/j-jtp11225/], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2005) |
\[Goetz 06\] Java Concurrency in Practice, by Brian Goetz, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, Doug Lea. Addison Wesley Professional. (2006) |
\[Goetz 06b\] [Java theory and practice: Good housekeeping practices|http://www.ibm.com/developerworks/java/library/j-jtp03216.html], by Brian Goetz, Principal Consultant, Quiotix. IBM developerWorks (Java technology). (2006) |
\[Goldberg 91\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, Inc. March 1991. (1991) |
\[Gong 03\] Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd edition, by Li Gong, Gary Ellison, and Mary Dageforde. Prentice Hall, The Java Series. (2003) |
\[Greanier 00\] [Discover the secrets of the Java Serialization API|http://java.sun.com/developer/technicalArticles/Programming/serialization/], by Todd Greanier, Sun Developer Network (SDN). (2000) |
\[Green 08\] [Canadian Mind Products Java & Internet Glossary|http://mindprod.com/jgloss/jgloss.html] by Roedy Green. (2008) |
\[Grosso 01\] [Java RMI|http://oreilly.com/catalog/javarmi/chapter/ch10.html], by William Grosso. O'Reilly. (2001) |
\[Gupta 05\] [Java memory leaks - Catch me if you can|http://www.ibm.com/developerworks/rational/library/05/0816_GuptaPalanki/], by Satish Chandra Gupta and Rajeev Palanki. (2005) |
\[Haack 06\] [Immutable Objects in Java|https://pms.cs.ru.nl/iris-diglib/src/getContent.php?id=2006-Haack-ObjectsImmutable], by Christian Haack, Erik Poll, Jan Schafer and Aleksy Schubert. (2006) |
\[Haggar 00\] Practical Java⢠Programming Language Guide, by Peter Haggar. Addison-Wesley Professional. (2000) |
\[Halloway 00\] Java Developer Connection Tech Tips, March 28, 2000, by Stuart Halloway. |
\[Halloway 01\] [Java Developer Connection Tech Tips|http://web.mit.edu/java/JDCNewsletter/JDC-TECH1-01b], January 30, 2001, by Stuart Halloway. |
\[Harold 97\] Java Secrets by Elliotte Rusty Harold. Wiley. (1997) |
\[Harold 99\] Java I/O, by Elliotte Rusty Harold. O'REILLY. (1999) |
\[Harold 06\] Java I/O, by Elliotte Rusty Harold (2nd Edition). O'Reilley. (2006) |
\[Hawtin 08\] [Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities|http://www.makeitfly.co.uk/Presentations/london-securecoding.pdf] by Thomas Hawtin, Sun Microsystems, Inc. Make it Fly 2008, London. (2008) |
\[Henney 03\] [Null Object, Something for Nothing|http://www.two-sdg.demon.co.uk/curbralan/papers/europlop/NullObject.pdf], by Kevlin Henney (2003) |
\[Henry 86\] Using prototypical objects to implement shared behavior in object-oriented systems. In: Conference proceedings on Object-oriented programming systems, languages and applications. Portland 1986, p. 214-223 ISSN 0362-1340, by Henry Lieberman, Massachusetts Institute of Technology. (1986) |
\[Hitchens 02\] Java⢠NIO, by Ron Hitchens. O'Reilly. (2002) |
\[Hovemeyer 07\] Finding more null pointer bugs, but not too many, by David Hovemeyer and William Pugh. Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. (2007) |
\[Hunt 98\] Java's reliability: an analysis of software defects in Java, by J. Hunt and F. Long. Software IEE Proceedings. (1998) |
\[J2SE 00\] JavaTM 2 SDK, Standard Edition Documentation, Sun Microsystems, Inc. [J2SE Documentation version 1.3|http://java.sun.com/j2se/1.3/docs/guide/], Sun Microsystems, Inc. (2000) |
\[JarSpec 08\] J2SE Documentation version 1.5, [Jar File Specification|http://java.sun.com/j2se/1.5.0/docs/guide/jar/jar.html], Sun Microsystems, Inc. (2000) |
\[Java 06\] [java - the Java application launcher|http://java.sun.com/javase/6/docs/technotes/tools/windows/java.html], Sun Microsystems, Inc. (2006) |
\[Java2NS 99\] Java 2 Network Security, by Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, Ashok K. Ramani. IBM Corporation. (1999) |
\[JavaGenerics 04\] \[[http://java.sun.com/j2se/1.5.0/docs/guide/language/generics.html]\], Sun Microsystems, Inc. (2004) |
\[JavaThreads 99\] Java Threads (2nd Edition) by, Scott Oaks and Henry Wong. O'REILLY. (1999) |
\[JavaThreads 04\] Java Threads (3rd Edition) by, Scott Oaks and Henry Wong. O'REILLY. (2004) |
\[JDK7 08\] [Java⢠Platform, Standard Edition 7 documentation|http://download.java.net/jdk7/docs/], Sun Microsystems, Inc., 19 Dec 2008. (2008) |
\[JLS 05\] Java Language Specification, 3rd edition. by James Gosling, Bill Joy, Guy Steele, and Gilad Bracha. Prentice Hall, The Java Series. [The Java Language Specification.|http://java.sun.com/docs/books/jls/index.html] (2005) |
\[JPL 05\] The Java⢠Programming Language, Fourth Edition, by Ken Arnold, James Gosling, David Holmes. Addison Wesley Professional. (2005) |
\[JMX 06\] [Monitoring and Management for the Java Platform|http://java.sun.com/javase/6/docs/technotes/guides/management/index.html], Sun Microsystems, Inc. (2006) |
\[JMXG 06\] [Java SE Monitoring and Management Guide|http://java.sun.com/javase/6/docs/technotes/guides/management/toc.html], Sun Microsystems, Inc. (2006) |
\[JNI 06\] [Java Native Interface|http://java.sun.com/javase/6/docs/technotes/guides/jni/index.html], Sun Microsystems, Inc. (2006) |
\[JPDA 04\] [Java Platform Debugger Architecture (JPDA)|http://java.sun.com/javase/6/docs/technotes/guides/jpda/index.html], Sun Microsystems, Inc. (2004) |
\[JVMTI 06\] [Java Virtual Machine Tool Interface (JVM TI)|http://java.sun.com/javase/6/docs/technotes/guides/jvmti/index.html], Sun Microsystems, Inc. (2006) |
\[JVMSpec 99\] [The Java Virtual Machine Specification|http://java.sun.com/docs/books/jvms/], Sun Microsystems, Inc. (1999) |
\[Kabanov 09\] [The Ultimate Java Puzzler|http://dow.ngra.de/2009/02/16/the-ultimate-java-puzzler/] by Jevgeni Kabanov, Core developer of JavaRebel. February 16th, 2009. (2009) |
\[Kabutz 01\] The Java Specialists' Newsletter, by Dr. Heinz M. Kabutz. (2001) |
\[Kalinovsky 04\] Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering, by Alex Kalinovsky. SAMS Publishing. (2004) |
\[Knoernschild 01\] Java⢠Design: Objects, UML, and Process, by Kirk Knoernschild. Addison-Wesley Professional. (2001) |
\[Lai 08\] [Java Insecurity: Accounting for Subtleties That Can Compromise Code, by Charlie Lai, Sun Microsystems|http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4420062] (2008) |
\[Langer 08\] [http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html|http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html], Angelica Langer. (2008) |
\[Lea 00\] Concurrent Programming in Java, 2nd edition, by Doug Lea. Addison Wesley, Sun Microsystems, Inc. (2000) |
\[Lea 00b\] [Correct and Efficient Synchronization of Java⢠Technology based Threads|http://www.cs.umd.edu/~pugh/java/memoryModel/TS-754.pdf], by Doug Lea and William Pugh. JavaOne Conference. (2000) |
\[Lee 09\] [Robust and Scalable Concurrent Programming: Lessons from the Trenches|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4620.pdf], by Sangjin Lee, Mahesh Somani, & Debashis Saha, eBay Inc. JavaOne Conference. (2009) |
\[Liang 97\] The Java⢠Native Interface, Programmer's Guide and Specification, by Sheng Liang. ADDISON-WESLEY. (1997) |
\[Liang 98\] [Dynamic Class Loading in the Java⢠Virtual Machine|http://portal.acm.org/citation.cfm?doid=286936.286945], by Sheng Liang and Gilad Bracha. Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications. (1998) |
\[Long 05\] [Software Vulnerabilities in Java|http://www.sei.cmu.edu/publications/documents/05.reports/05tn044.html], by Fred Long, CMU/SEI-2005-TN-044. (2005) |
\[Lo 05\] [Security Issues in Garbage Collection|http://www.stsc.hill.af.mil/crosstalk/2005/10/0510DanLo.html], by Dr. Chia-Tien Dan Lo, University of Texas at San Antonio, Dr. Witawas Srisa-an, University of Nebraska at Lincoln, Dr. J. Morris Chang, Iowa State University. STSC Crosstalk, October 2005 issue. (2005) |
\[Low 97\] [Protecting Java Code via Obfuscation|http://www.cs.arizona.edu/~collberg/Research/Students/DouglasLow/obfuscation.html], by Douglas Low. (1997) |
\[Macgregor 98\] Java Network Security, by Robert Macgregor, Dave Durbin, John Owlett and Andrew Yeomans. Prentice Hall. (1998) |
\[Martin 96\] [Granularity|http://www.objectmentor.com/resources/articles/granularity.pdf], by Robert C. Martin. (1996) |
\[McCluskey 01\] Java Developer Connection Tech Tips, by Glen McCluskey, April 10, 2001. (2001) |
\[McGraw 00\] Securing Java, Getting Down to Business with Mobile Code, by Gary McGraw and Edward W. Felten. Wiley. (1999) |
\[Mcgraw 98\] [Twelve rules for developing more secure Java code|http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules.html], Gary Mcgraw and Edward Felten, JavaWorld.com. (1998) |
\[Miller 09\] [Java⢠Platform Concurrency Gotchas|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4863.pdf], by Alex Miller, Terracotta. JavaOne Conference. (2009) |
\[MITRE 09\] [Common Weakness Enumeration|http://cwe.mitre.org/], MITRE Corporation. (2009) |
\[Mocha 07\] [Mocha, the Java Decompiler|http://www.brouhaha.com/~eric/software/mocha/] (2007) |
\[Monsch 06\] [Ruining Security with java.util.Random|http://www.iplosion.com/papers/ruining_security_with_java.util.random_v1.0.p] Version 1.0, by Jan P. Monsch. (2006) |
\[MSDN 09\] [Using SQL Escape Sequences|http://msdn.microsoft.com/en-us/library/ms378045(SQL.90).aspx], Microsoft Corporation. (2009) |
\[Muchow 01\] [MIDlet Packaging with J2ME|http://www.onjava.com/pub/a/onjava/2001/04/26/midlet.html], by John W. Muchow (2001) |
\[Müller 02\] [Exception Handling: Common Problems and Best Practice with Java 1.4|http://www.old.netobjectdays.org/pdf/02/papers/industry/1430.pdf] by Dr. Andreas Müller and Geoffrey Simmons, Sun Microsystems GmbH. (2002) |
\[Naftalin 06\] Java Generics and Collections, Maurice Naftalin and Philip Wadler, O'Reilly (2006) |
\[Naftalin 06b\] [Java⢠Generics and Collections: Tools for Productivity|http://gceclub.sun.com.cn/java_one_online/2007/pdf/TS-2890.pdf], by Maurice Naftalin, Morningside Light Ltd, Philip Wadler, University of Edinburgh. JavaOne Conference (2007) |
\[Neward 04\] Effective Enterprise Java, by Ted Neward. Addison Wesley Professional. (2004) |
\[Nisewanger 07\] [Avoiding Antipatterns, by Jeff Nisewanger, JavaOne Conference|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2594.pdf] (2007) |
\[Nolan 04\] Decompiling Java, by Godfrey Nolan, [Apress|http://www.apress.com/]. (2004) |
\[Oaks 01\] Java Security, by Scott Oaks. O'REILLY. (2001) |
\[OWASP 05\] [A Guide to Building Secure Web Applications and Web Services|http://internap.dl.sourceforge.net/sourceforge/owasp/OWASPGuide2.0.1.pdf]. The Open Web Application Security Project. (2005) |
\[OWASP 08\] [OWASP|http://www.owasp.org/index.php/Main_Page]. (2008) |
\[Patterns 02\] Patterns in Java, Volume 1, Second Edition, by Mark Grand. Wiley. (2002) |
\[Permissions 08\] [Permissions in the Java⢠SE 6 Development Kit (JDK)|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html], Sun Microsystems, Inc. (2008) |
\[Philion 03\] [Beware the dangers of generic Exceptions|http://www.javaworld.com/javaworld/jw-10-2003/jw-1003-generics.html?page=2#sidebar1], by Paul Philion, JavaWorld.com. (2003) |
\[Phillips 05\] [Are We Counting Bytes Yet?|http://www.inter-locale.com/whitepaper/IUC27-a303.html] at the 27th Internationalization and Unicode Conference, by by Addison P. Phillips. webMethods, Inc. (2005) |
\[Pistoia 04\] Enterprise Java Security: Building Secure J2EE Applications, by Marco Pistoia, Nataraj Nagaratnam, Larry Koved and Anthony Nadalin. Addison Wesley. (2004) |
\[Policy 02\] [Default Policy Implementation and Policy File Syntax|http://java.sun.com/javase/6/docs/technotes/guides/security/PolicyFiles.html], Document revision 1.6, Sun Microsystems, Inc. (2002) |
\[Pugh 08\] [Defective Java Code: Turning WTF Code into a Learning Experience|http://developers.sun.com/learning/javaoneonline/2008/pdf/TS-6589.pdf?cid=925745], by William Pugh, Univ. of Maryland. JavaOne Conference. (2008) |
\[Pugh 09\] [Defective Java Code: Mistakes That Matter|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-5335.pdf], by William Pugh, Univ. of Maryland. JavaOne Conference. (2009) |
\[Reasoning 03\] [Reasoning Inspection Service Defect Data Tomcat v 1.4.24|http://www.reasoning.com/pdf/Tomcat_Defect_Report.pdf], Reasoning. 14 Nov 2003. (2003) |
\[Reflect 06\] [Reflection|http://java.sun.com/javase/6/docs/technotes/guides/reflection/index.html], Sun Microsystems, Inc. (2006) |
\[Rotem 08\] [Fallacies of Distributed Computing Explained|http://www.rgoarchitects.com/Files/fallacies.pdf], by Arnon Rotem-Gal-Oz. (2008) |
\[Roubtsov 03\] [Breaking Java exception-handling rules is easy|http://www.javaworld.com/javaworld/javaqa/2003-02/02-qa-0228-evilthrow.html], by Vladimir Roubtsov, JavaWorld.com. (2003) |
\[Roubtsov 03b\] [Into the mist of serialization myths|http://www.javaworld.com/javaworld/javaqa/2003-06/02-qa-0627-mythser.html?page=1], by Vladimir Roubtsov, JavaWorld.com. (2003) |
\[Schneier 00\] Secrets and LiesâDigital Security in a Networked World , by Bruce Schneier. ISBN 0-471-25311-1, John Wiley and Sons. (2000) |
\[SCG 07\] [Secure Coding Guidelines for the Java Programming Language, version 2.0|http://java.sun.com/security/seccodeguide.html], Sun Microsystems, Inc. (2007) |
\[Schildt 07\] Herb Schildt's Java Programming Cookbook, Herb Schildt, McGraw-Hill (2007) |
\[Schwarz 04\] [Avoiding Checked Exceptions|http://www.oreillynet.com/onjava/blog/2004/09/avoiding_checked_exceptions.html], by Don Schwarz, ONJava (2004) |
\[Schoenefeld 04\] Java Vulnerabilities in Opera 7.54 BUGTRAQ Mailing List (bugtraq@securityfocus.com), Nov 2004. (2004) |
\[Schweisguth 03\] [Java Tip 134: When catching exceptions, don't cast your net too wide|http://www.javaworld.com/javaworld/javatips/jw-javatip134.html?page=2], by Dave Schweisguth. Javaworld.com. (2003) |
\[Seacord 05\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston, MA: Addison-Wesley. (2005) |
\[SecArch 06\] [Java 2 Platform Security Architecture|http://java.sun.com/javase/6/docs/technotes/guides/security/spec/security-spec.doc.html], Sun Microsystems, Inc. (2006) |
\[Security 06\] [Java Security Guides|http://java.sun.com/javase/6/docs/technotes/guides/security/], Sun Microsystems, Inc. (2006) |
\[SecuritySpec 08\] [http://java.sun.com/j2se/1.5.0/docs/guide/security/spec/security-specTOC.fm.html], Sun Microsystems, Inc. (2008) |
\[Steel 05\] Core Security Patterns: Best Practices and Strategies for J2EEâ¢, Web Services, and Identity Management, by Christopher Steel, Ramesh Nagappan and Ray Lai. Prentice Hall PTR / Sun Microsystems, Inc. (2005) |
\[SDN 08\] [SUN Developer Network|http://developers.sun.com/], Sun Microsystems, Inc. (1994-2008) |
\[Sen 07\] [Avoid the dangers of XPath injection|http://www.ibm.com/developerworks/xml/library/x-xpathinjection.html], by Robi Sen, IBM developerWorks. (2007) |
\[Steinberg 05\] [Java Developer Connection Tech Tips "Using the Varargs Language Feature"|http://java.sun.com/developer/JDCTechTips/2005/tt0104.html], Daniel H. Steinberg, January 4, 2005. (2005) |
\[Sun 03\] [Sun ONE Application Server 7 Performance Tuning Guide|http://docs.sun.com/source/817-2180-10/], Sun Microsystems, Inc. (2003) |
\[Sun 06\] [Java⢠Platform, Standard Edition 6 documentation|http://java.sun.com/javase/6/docs/index.html], Sun Microsystems, Inc. (2006) |
\[Techtalk 07\] [The PhantomReference Menace. Attack of the Clone. Revenge of the Shift.|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2707.pdf], by Josh Bloch and William Pugh, JavaOne Conference. (2007) |
\[Tutorials 08\] [The Java Tutorials|http://java.sun.com/docs/books/tutorial/index.html], Sun Microsystems, Inc. (2008) |
\[Venners 03\] [Failure and Exceptions, A Conversation with James Gosling, Part II|http://www.artima.com/intv/solid.html], by Bill Venners. Artima.com. (2003) |
\[Ware 08\] [Writing Secure Java Code:A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools|http://peregrin.jmu.edu/~warems/securejavacode.html], Michael S. Ware. (2008) |
\[Wheeler 03\] [Secure Programming for Linux and Unix HOWTO|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html], David A. Wheeler. (2003) |
\[Zukowski 04\] [Java Developer Connection Tech Tips "Creating Custom Security Permissions"|http://java.sun.com/developer/JDCTechTips/2004/tt0518.html#2], John Zukowski, May 18, 2004. (2004) |