View Source

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7b0f1d6d-2995-4c26-af58-ac9330013c2f"><ac:parameter ac:name="">Abadi 96</ac:parameter></ac:structured-macro>
\[Abadi 1996\] Abadi, Martin, and Roger Needham. Prudent Engineering Practice for Cryptographic Protocols. _IEEE Transactions on Software Engineering_ 22(1):6â€“15 (1996).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="157aa286-c125-434e-b5b5-bcba7d2a6431"><ac:parameter ac:name="">API 06</ac:parameter></ac:structured-macro>
\[API 2006\] [Java Platform, Standard Edition 6 API Specification|http://docs.oracle.com/javase/6/docs/api/]. Oracle (2006/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="81a1e7b8-baa3-4880-ba39-00eace111b42"><ac:parameter ac:name="">API 11</ac:parameter></ac:structured-macro>
\[API 2011\] [Java Platform, Standard Edition 7 API Specification|http://download.oracle.com/javase/7/docs/api/index.html]. Oracle (2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b5ddf355-13bd-417e-9184-b3ef6ae6fb91"><ac:parameter ac:name="">Austin 00</ac:parameter></ac:structured-macro>
\[Austin 2000\] Austin, Calvin, and Monica Pawlan. [_Advanced Programming for the Java 2 Platform_|http://java.sun.com/developer/onlineTraining/Programming/JDCBook/index.html#contents]. Boston: Addison-Wesley Longman (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2fdb817-5125-431c-8240-d0c67b0a93d0"><ac:parameter ac:name="">Black 04</ac:parameter></ac:structured-macro>
\[Black 2004\] Black, Paul E., and Paul J. Tanenbaum. "partial order." In [_Dictionary of Algorithms and Data Structures_|http://xlinux.nist.gov/dads/HTML/partialorder.html] \[online\]. Paul E. Black, ed., U.S. National Institute of Standards and Technology (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fb679a93-8a55-4842-bc36-f6b5b096cd98"><ac:parameter ac:name="">Black 06</ac:parameter></ac:structured-macro>
\[Black 2006\] Black, Paul E., and Paul J. Tanenbaum. "total order." In [_Dictionary of Algorithms and Data Structures_|http://xlinux.nist.gov/dads/HTML/totalorder.html] \[online\]. Paul E. Black, ed., U.S. National Institute of Standards and Technology (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10e67260-5196-4a61-9978-15ff98a39918"><ac:parameter ac:name="">Bloch 01</ac:parameter></ac:structured-macro>
\[Bloch 2001\] Bloch, Joshua. _Effective Java: Programming Language Guide_. Boston: Addison-Wesley (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e9671421-2b39-4f32-9e7c-f5c9d68a7c5d"><ac:parameter ac:name="">Bloch 05</ac:parameter></ac:structured-macro>
\[Bloch 2005\] Bloch, Joshua, and Neal Gafter. _Java Puzzlers: Traps, Pitfalls, and Corner Cases_. Upper Saddle River, NJ: Addison-Wesley (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9fbed58a-e6a4-4dcf-86ee-32c46dd367bd"><ac:parameter ac:name="">Bloch 05b</ac:parameter></ac:structured-macro>
\[Bloch 2005b\] Bloch, Joshua, and Neal Gafter. [Yet More Programming Puzzlers|http://gceclub.sun.com.cn/java_one_online/2005/TS-3738/]. JavaOne Conference (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="01d979a4-e80f-4a53-b89c-b4877535b377"><ac:parameter ac:name="">Bloch 07</ac:parameter></ac:structured-macro>
\[Bloch 2007\] Bloch, Joshua. [Effective Javaâ„¢ Reloaded: This Time It's (Not) for Real|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2689.pdf]. JavaOne Conference (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="342f6ecc-0e3f-4fe7-9ee4-71f085d265f8"><ac:parameter ac:name="">Bloch 08</ac:parameter></ac:structured-macro>
\[Bloch 2008\] Bloch, Joshua. _Effective Java_, 2nd ed. Upper Saddle River, NJ: Addison-Wesley (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a8cae19a-8c03-4647-892b-aeeef7ae143f"><ac:parameter ac:name="">Bloch 09</ac:parameter></ac:structured-macro>
\[Bloch 2009\] Bloch, Joshua, and Neal Gafter. [Return of the Puzzlers: Schlock and Awe|http://www.oracle.com/technetwork/server-storage/ts-5186-159197.pdf]. JavaOne Conference (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c97542c1-24cf-4a6d-a7cc-98dc3e37ce5e"><ac:parameter ac:name="">Boehm 05</ac:parameter></ac:structured-macro>
\[Boehm 2005\] Boehm, Hans-J. Finalization, Threads, and the Javaâ„¢ Technology-Based Memory Model. JavaOne Conference (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d0d2514a-b4c8-4f67-9b78-ed84f305d27a"><ac:parameter ac:name="">Campione 96</ac:parameter></ac:structured-macro>
\[Campione 1996\] Campione, Mary, and Kathy Walrath. _The Java Tutorial: Object-Oriented Programming for the Internet_. Reading, MA: Addison-Wesley (1996).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a89d0570-8ac0-41bb-bf1f-9d1e1ac79440"><ac:parameter ac:name="">CCITT 88</ac:parameter></ac:structured-macro>
\[CCITT 1988\] CCITT (International Telegraph and Telephone Consultative Committee). _CCITT Blue Book: Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework_. Geneva: International Telecommunication Union (1988).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8f0ffae8-7a14-4fd7-8fa1-ed504efac2ea"><ac:parameter ac:name="">Chan 99</ac:parameter></ac:structured-macro>
\[Chan 1999\] Chan, Patrick, Rosanna Lee, and Douglas Kramer. _The Java Class Libraries: Supplement for the Java 2 Platform, v1.2_, 2nd ed., vol. 1. Upper Saddle River, NJ: Prentice Hall (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="30d08063-0bb7-4625-9495-eeb422053384"><ac:parameter ac:name="">Chess 07</ac:parameter></ac:structured-macro>
\[Chess 2007\] Chess, Brian, and Jacob West. _Secure Programming with Static Analysis_. Upper Saddle River, NJ: Addison-Wesley Professional (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e036f80e-992e-4718-9324-d910a82de6bc"><ac:parameter ac:name="">Christudas 05</ac:parameter></ac:structured-macro>
\[Christudas 2005\] Christudas, Binildas. [Internals of Java Class Loading|http://www.onjava.com/pub/a/onjava/2005/01/26/classloading.html], _ONJava_ (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d83bdac0-f12a-480a-97e7-775163f61040"><ac:parameter ac:name="">Cohen 81</ac:parameter></ac:structured-macro>
\[Cohen 1981\] Cohen, D. [On Holy Wars and a Plea for Peace|http://dx.doi.org/10.1109/C-M.1981.220208], _IEEE Computer_, 14(10):48â€“54 (1981).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c177de0b-019e-4338-a30f-5ea04b15ab46"><ac:parameter ac:name="">Conventions 09</ac:parameter></ac:structured-macro>
\[Conventions 2009\] [Code Conventions for the Java Programming Language|http://www.oracle.com/technetwork/java/codeconv-138413.html]. Oracle (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e443976-714a-4038-9395-6614a5b97959"><ac:parameter ac:name="">Coomes 07</ac:parameter></ac:structured-macro>
\[Coomes 2007\] Coomes, John, Peter Kessler, and Tony Printezis. [Garbage Collection-Friendly Programming|http://docs.huihoo.com/javaone/2007/java-se/TS-2906.pdf]. Java SE Garbage Collection Group, Sun Microsystems, JavaOne Conference (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3291df6e-74b6-4f02-b777-0c7391a4b76f"><ac:parameter ac:name="">Core Java 04</ac:parameter></ac:structured-macro>
\[Core Java 2004\] Horstmann, Cay S., and Gary Cornell. _Core Javaâ„¢ 2, Vol. I: Fundamentals_, 7th ed. Upper Saddle River, NJ: Prentice Hall PTR (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6c3251af-c574-4adb-ae62-d2277bedf3bd"><ac:parameter ac:name="">Cunningham 95</ac:parameter></ac:structured-macro>
\[Cunningham 1995\] Cunningham, Ward. The CHECKS Pattern Language of Information Integrity. In _Pattern Languages of Program Design_, James O. Coplien and Douglas C. Schmidt, eds. Reading, MA: Addison-Wesley (1995).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ccc7855d-02ea-4704-8d78-d5a4b941eb0e"><ac:parameter ac:name="">CVE 08</ac:parameter></ac:structured-macro>
\[CVE 2008\] MITRE Corporation. [Common Vulnerabilities and Exposures|http://cve.mitre.org/index.html] (2008/2012).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83c981c7-5654-4ec6-b02f-8a7edde2e88b"><ac:parameter ac:name="">Daconta 00</ac:parameter></ac:structured-macro>
\[Daconta 2000\] Daconta, Michael C. [When Runtime.exec() Won't|http://www.javaworld.com/javaworld/jw-12-2000/jw-1229-traps.html]. _JavaWorld.com_ (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f0d22841-26d0-4d38-b504-bccd4c802d1b"><ac:parameter ac:name="">Daconta 03</ac:parameter></ac:structured-macro>
\[Daconta 2003\] Daconta, Michael C., Kevin T. Smith, Donald Avondolio, and W. Clay Richardson. _More Java Pitfalls_. Indianapolis: Wiley (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="53ea03dc-244d-48cc-8903-37f2b027f13a"><ac:parameter ac:name="">Darwin 04</ac:parameter></ac:structured-macro>
\[Darwin 2004\] Darwin, Ian F. _Java Cookbook_, 2nd ed. Sebastopol, CA: Oâ€™Reilly (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="884b5296-0daf-4558-86a5-06846ab8f5d5"><ac:parameter ac:name="">Davis 08</ac:parameter></ac:structured-macro>
\[Davis 2008\] Davis, Mark, and Martin DÃ¼rst. [Unicode Standard Annex #15: Unicode Normalization Forms|http://unicode.org/reports/tr15/] (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d1ab501e-c323-485c-9325-d8e44e7bd522"><ac:parameter ac:name="">Davis 08b</ac:parameter></ac:structured-macro>
\[Davis 2008b\] Davis, Mark, and Michel Suignard. [Unicode Technical Report #36, Unicode Security Considerations|http://www.unicode.org/reports/tr36/] (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3e8cad3-0cbc-4031-86ab-8dafadbf6f53"><ac:parameter ac:name="">Dennis 1966</ac:parameter></ac:structured-macro>
\[Dennis 1966\] Dennis, Jack B., and Earl C. Van Horn. 1966. Programming Semantics for Multiprogrammed Computations. _Communications of the ACM_, 9(3):143â€“155 (1966). doi: 10.1145/365230.365252.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="13ad09a4-b48e-4016-82bd-bc3a5e879c69"><ac:parameter ac:name="">DHS 06</ac:parameter></ac:structured-macro>
\[DHS 2006\] U.S. Department of Homeland Security. [Build Security In|https://buildsecurityin.us-cert.gov/] (2006/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9d4ae4e7-e679-4be1-8004-3e95bcaa2c44"><ac:parameter ac:name="">Dormann 08</ac:parameter></ac:structured-macro>
\[Dormann 2008\] Dormann, Will. [Signed Java Applet Security: Worse Than ActiveX?|http://www.cert.org/blo gs/vuls/2008/06/signed_java_security_worse_tha.html] CERT Vulnerability Analysis Blog (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="857c27da-7155-46a1-9855-c68e08b80670"><ac:parameter ac:name="">Doshi 03</ac:parameter></ac:structured-macro>
\[Doshi 2003\] Doshi, Gunjan. [Best Practices for Exception Handling|http://www.onjava.com/pub/a/onjava/2003/11/19/exceptions.html]. _ONJava_ (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="871d25a8-b1ea-4a20-898c-994d15193c16"><ac:parameter ac:name="">Dougherty 2009</ac:parameter></ac:structured-macro>
\[Dougherty 2009\] Dougherty, Chad, Kirk Sayre, Robert C. Seacord, David Svoboda, and Kazuya Togashi. [Secure Design Patterns|http://www.sei.cmu.edu/library/abstracts/reports/09tr010.cfm]. CMU/SEI-2009-TR-010 (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50a05a8c-6b7f-4b44-8490-b7ae1c7d874f"><ac:parameter ac:name="">Eclipse 08</ac:parameter></ac:structured-macro>
\[Eclipse 2008\] [Eclipse Platform|http://www.eclipse.org/platform/], The Eclipse Foundation (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7d23129-d978-4701-82c9-f63661970493"><ac:parameter ac:name="">Encodings 06</ac:parameter></ac:structured-macro>
\[Encodings 2006\] [Supported Encodings|http://docs.oracle.com/javase/6/docs/technotes/guides/intl/encoding.doc.html], Oracle (2006/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2ecb5ce7-84ee-4751-9981-aaa7e0753ccb"><ac:parameter ac:name="">Enterprise 03</ac:parameter></ac:structured-macro>
\[Enterprise 2003\] Eckstein, Robert. _Java Enterprise Best Practices_. Sebastopol, CA: O'Reilly (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9ba77e73-7e73-4d9a-ac74-91d9e2b9efc5"><ac:parameter ac:name="">ESA 05</ac:parameter></ac:structured-macro>
\[ESA 2005\] ESA (European Space Agency). [Java Coding Standards|http://software.ucv.ro/~eganea/SoftE/JavaCodingStandards.pdf]. Prepared by ESA Board for Software Standardisation and Control (BSSC) (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="69c5f12e-3d29-4347-bb4d-7c843c0b2aab"><ac:parameter ac:name="">Fairbanks 07</ac:parameter></ac:structured-macro>
\[Fairbanks 2007\] Fairbanks, George. [Design Fragments|http://reports-archive.adm.cs.cmu.edu/anon/isri2007/abstracts/07-108.html]. PhD thesis, Carnegie Mellon University (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="03c0be09-1a79-4b6f-817e-b890b375f856"><ac:parameter ac:name="">FindBugs 08</ac:parameter></ac:structured-macro>
\[FindBugs 2008\] [FindBugs Bug Descriptions|http://findbugs.sourceforge.net/bugDescriptions.html] (2008/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="588ca0aa-0680-469a-b2d6-e5ae889a1879"><ac:parameter ac:name="">Fisher 03</ac:parameter></ac:structured-macro>
\[Fisher 2003\] Fisher, Maydene, Jon Ellis, and Jonathan Bruce. _JDBC API Tutorial and Reference_, 3rd ed. Upper Saddle River, NJ: Prentice Hall (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="12a0e050-a3c5-443f-9ac7-3587315c453e"><ac:parameter ac:name="">Flanagan 05</ac:parameter></ac:structured-macro>
\[Flanagan 2005\] Flanagan, David. _Java in a Nutshell_, 5th ed. Sebastopol, CA: O'Reilly Media (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c5b8ab59-24ef-41f4-ab8a-ba5818314bd7"><ac:parameter ac:name="">Fortify 08</ac:parameter></ac:structured-macro>
\[Fortify 2008\] Fortify Software Security Research Group with Gary McGraw. [A Taxonomy of Coding Errors That Affect Security|http://www.fortify.com/vulncat/en/vulncat/index.html] (see Java/JSP) (2008/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fb0f9f6e-eee6-4710-9316-f9a516eb7e1c"><ac:parameter ac:name="">Fox 01</ac:parameter></ac:structured-macro>
\[Fox 2001\] Fox, Joshua. [When Is a Singleton Not a Singleton?|http://www.javaworld.com/javaworld/jw-01-2001/jw-0112-singleton.html] _JavaWorld_ (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f17135f6-f605-412a-a186-8698b96f63e0"><ac:parameter ac:name="">FT 08</ac:parameter></ac:structured-macro>
\[FT 2008\] [Function Table|http://www.stylusstudio.com/api/xalan-j_2_6_0/org/apache/xpath/compiler/FunctionTable.htm]: Class FunctionTable, Field Detail, public static FuncLoader m_functions. Apache XML Project (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="435481ca-1dec-4519-accf-4a2f6cc9226a"><ac:parameter ac:name="">Gafter 06</ac:parameter></ac:structured-macro>
\[Gafter 2006\] Gafter, Neal. [Neal Gafter's blog|http://gafter.blogspot.com/] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="77f091aa-4d4a-40d5-b707-870715cd6f65"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>
\[Gamma 1995\] Gamma, Erich, Richard Helm, Ralph Johnson, and John M. Vlissides. _Design Patterns: Elements of Reusable Object-Oriented Software_. Reading, MA: Addison-Wesley (1995).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc4ac648-052f-4b4e-8d1f-9bb9b02575b9"><ac:parameter ac:name="">Garms 01</ac:parameter></ac:structured-macro>
\[Garms 2001\] Garms, Jess, and Daniel Somerfield. _Professional Java Security_. Birmingham, UK: Wrox Press (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="709d5bb4-f32a-458e-abaa-10f7da2f2bce"><ac:parameter ac:name="">Goetz 02</ac:parameter></ac:structured-macro>
\[Goetz 2002\] Goetz, Brian. [Java Theory and Practice: Safe Construction Techniques: Don't Let the "this" Reference Escape during Construction|http://www.ibm.com/developerworks/java/library/j-jtp0618.html]. IBM developerWorks (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="93840235-e5b6-4f7e-9584-8a94e769103d"><ac:parameter ac:name="">Goetz 04</ac:parameter></ac:structured-macro>
\[Goetz 2004\] Goetz, Brian. [Java Theory and Practice: Garbage Collection and Performance: Hints, Tips, and Myths about Writing Garbage Collection-Friendly Classes|http://www.ibm.com/developerworks/java/library/j-jtp01274.html]. IBM developerWorks (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b22cb30c-4aed-489b-a6d6-bef65b636457"><ac:parameter ac:name="">Goetz 04b</ac:parameter></ac:structured-macro>
\[Goetz 2004b\] Goetz, Brian. [Java Theory and Practice: The Exceptions Debate: To Check, or Not to Check?|http://www.ibm.com/developerworks/library/j-jtp05254.html] IBM developerWorks (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="39256c3d-ce7a-4d82-8ae8-dca2a3136574"><ac:parameter ac:name="">Goetz 04c</ac:parameter></ac:structured-macro>
\[Goetz 2004c\] Goetz, Brian. [Java Theory and Practice: Going Atomic: The New Atomic Classes Are the Hidden Gems of java.util.concurrent|http://www.ibm.com/developerworks/java/library/j-jtp11234/]. IBM developerWorks (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="56882b7e-6b26-4e2f-a086-038b3a6235b8"><ac:parameter ac:name="">Goetz 05</ac:parameter></ac:structured-macro>
\[Goetz 2005\] Goetz, Brian. [Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners|http://www.ibm.com/developerworks/java/library/j-jtp07265/index.html]. IBM developerWorks (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b021a8f-771f-4f62-af2d-e34a12d15901"><ac:parameter ac:name="">Goetz 05b</ac:parameter></ac:structured-macro>
\[Goetz 2005b\] Goetz, Brian. [Java Theory and Practice: Plugging Memory Leaks with Weak References: Weak References Make It Easy to Express Object Lifecycle Relationships|http://www.ibm.com/developerworks/java/library/j-jtp11225/]. IBM developerWorks (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="18d7e6e8-5563-4a57-aecf-ff2b2b1222f5"><ac:parameter ac:name="">Goetz 06</ac:parameter></ac:structured-macro>
\[Goetz 2006\] Goetz, Brian, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea. _Java Concurrency in Practice_. Upper Saddle River, NJ: Addison-Wesley Professional (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f7c27f6e-3d59-46bf-9ea2-73a0fa110c99"><ac:parameter ac:name="">Goetz 06b</ac:parameter></ac:structured-macro>
\[Goetz 2006b\] Goetz, Brian. [Java Theory and Practice: Good Housekeeping Practices|http://www.ibm.com/developerworks/java/library/j-jtp03216.html]. IBM developerWorks (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2579d5a-f7e3-40b6-8c33-0b8767ce66e3"><ac:parameter ac:name="">Goetz 07</ac:parameter></ac:structured-macro>
\[Goetz 2007\] Goetz, Brian. [Java Theory and Practice: Managing Volatility: Guidelines for Using Volatile Variables|http://www.ibm.com/developerworks/java/library/j-jtp06197.html]. IBM developerWorks (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c4388691-2441-4551-a9f1-934974306005"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>
\[Goldberg 1991\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic| http://docs.oracle.com/cd/E19957-01/806-3568/ncg_goldberg.html]. Sun Microsystems (1991/2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dbc77fdc-458e-40c0-acd4-390e9672beea"><ac:parameter ac:name="">Gong 03</ac:parameter></ac:structured-macro>
\[Gong 2003\] Gong, Li, Gary Ellison, and Mary Dageforde. _Inside Java 2 Platform Security: Architecture, API Design, and Implementation_, 2nd ed. Upper Saddle River, NJ: Prentice Hall (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b18489a-6bb6-4aef-9785-1c7f50dfce85"><ac:parameter ac:name="">Grand 02</ac:parameter></ac:structured-macro>
\[Grand 2002\] Grand, Mark. _Patterns in Java, Vol. 1_, 2nd ed. New York: Wiley (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4670a16e-e334-40b4-a272-53304569e007"><ac:parameter ac:name="">Greanier 00</ac:parameter></ac:structured-macro>
\[Greanier 2000\] Greanier, Todd. [Discover the Secrets of the Java Serialization API|http://java.sun.com/developer/technicalArticles/Programming/serialization/]. Sun Developer Network (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3d5760dc-f075-4f08-899c-ec5a5218e1e7"><ac:parameter ac:name="">Green 08</ac:parameter></ac:structured-macro>
\[Green 2008\] Green, Roedy. [Canadian Mind Products Java & Internet Glossary|http://mindprod.com/jgloss/jgloss.html] (2008/2012).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79a14a13-58ee-44fe-9555-526ac91133d4"><ac:parameter ac:name="">Grigg 06</ac:parameter></ac:structured-macro>
\[Grigg 2006\] Grigg, Jeffery. [Reflection on Inner Classes|http://www.c2.com/cgi/wiki?ReflectionOnInnerClasses] (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6399f7f7-add7-4ebe-b1bb-b459cb8aa1e1"><ac:parameter ac:name="">Grosso 01</ac:parameter></ac:structured-macro>
\[Grosso 2001\] Grosso, William. [_Java RMI_|http://oreilly.com/catalog/javarmi/chapter/ch10.html]. Sebastopol, CA: O'Reilly (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="16e00c22-ebea-470b-9647-5674be034c2f"><ac:parameter ac:name="">Gupta 05</ac:parameter></ac:structured-macro>
\[Gupta 2005\] Gupta, Satish Chandra, and Rajeev Palanki. [Java Memory Leaksâ€”Catch Me If You Can: Detecting Java Leaks Using IBM Rational Application Developer 6.0|http://www.ibm.com/developerworks/rational/library/05/0816_GuptaPalanki/]. IBM developerWorks (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c81a2459-23ab-4a20-8090-cf4e7127adab"><ac:parameter ac:name="">Haack 06</ac:parameter></ac:structured-macro>
\[Haack 2006\] Haack, Christian, Erik Poll, Jan SchÃ¤fer, and Aleksy Schubert. [Immutable Objects in Java|https://pms.cs.ru.nl/iris-diglib/src/getContent.php?id=2006-Haack-ObjectsImmutable]. Research report, Radboud University Nijmegen (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf8ae6dc-19c0-4535-bc57-3d2b93be5e4c"><ac:parameter ac:name="">Haggar 00</ac:parameter></ac:structured-macro>
\[Haggar 2000\] Haggar, Peter. _Practical Javaâ„¢ Programming Language Guide_. Reading, MA: Addison-Wesley Professional (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b01ac1a6-0159-430b-8451-023b08d707db"><ac:parameter ac:name="">Halloway 00</ac:parameter></ac:structured-macro>
\[Halloway 2000\] Halloway, Stuart. [Java Developer Connection Tech Tips|http://javaservice.net/~java/bbs/read.cgi?m=devtip&b=jdc&c=r_p_p&n=954297433], March 28, 2000. Sun Microsystems (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="42b041da-5788-4d7e-8dc2-868623821c92"><ac:parameter ac:name="">Halloway 01</ac:parameter></ac:structured-macro>
\[Halloway 2001\] Halloway, Stuart. [Java Developer Connection Tech Tips|http://www.javaservice.net/~java/bbs/read.cgi?m=devtip&b=jdc&c=r_p&n=981107352&p=1&s=t], January 30, 2001. Sun Microsystems (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f60c3b5a-4265-4eea-b774-688455ac094f"><ac:parameter ac:name="">Harold 97</ac:parameter></ac:structured-macro>
\[Harold 1997\] Harold, Elliotte Rusty. _Java Secrets_. Foster City, CA: IDG Books Worldwide (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ef6e27aa-e209-4aab-942d-638be884b61c"><ac:parameter ac:name="">Harold 99</ac:parameter></ac:structured-macro>
\[Harold 1999\] Harold, Elliotte Rusty. _Java I/O_. Sebastopol, CA: O'Reilly (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="858a720b-8644-4243-a068-97146ebdb2c3"><ac:parameter ac:name="">Harold 06</ac:parameter></ac:structured-macro>
\[Harold 2006\] Harold, Elliotte Rusty. _Java I/O_, 2nd ed. Sebastopol, CA: O'Reilley (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1a1c684-473f-411b-aca8-a12aac7cbede"><ac:parameter ac:name="">Hawtin 08</ac:parameter></ac:structured-macro>
\[Hawtin 2008\] Hawtin, Thomas. [Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities|http://www.makeitfly.co.uk/Presentations/london-securecoding.pdf]. Sun Microsystems, Make It Fly, London (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1827b99-a8ed-4e2e-a301-6bfb0a441e12"><ac:parameter ac:name="">Henney 03</ac:parameter></ac:structured-macro>
\[Henney 2003\] Henney, Kevlin. [Null Object, Something for Nothing|http://www.two-sdg.demon.co.uk/curbralan/papers/europlop/NullObject.pdf] (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8c13d14d-c3af-4b09-9cf4-ff424bb3d34f"><ac:parameter ac:name="">Hitchens 02</ac:parameter></ac:structured-macro>
\[Hitchens 2002\] Hitchens, Ron. _Javaâ„¢ NIO_. Cambridge, MA: O'Reilly (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="377ca546-234d-49e5-bc41-7dd8b20177c8"><ac:parameter ac:name="">Hornig 07</ac:parameter></ac:structured-macro>
\[Hornig 2007\] Hornig, Charles. [Advanced Javaâ„¢ Globalization|http://61.153.44.88/javaone/2007/java-se/TS-2873.pdf]. JavaOne Conference (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f079df59-462c-4a3e-b71b-1dca53b17236"><ac:parameter ac:name="">Hovemeyer 07</ac:parameter></ac:structured-macro>
\[Hovemeyer 2007\] Hovemeyer, David, and William Pugh. Finding More Null Pointer Bugs, But Not Too Many. In _Proceedings of the 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE)_, San Diego (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="22bb43a6-94c7-475b-ba41-5f8de068adb8"><ac:parameter ac:name="">Hunt 98</ac:parameter></ac:structured-macro>
\[Hunt 1998\] Hunt, J., and F. Long. Java's Reliability: An Analysis of Software Defects in Java. _IEE Proceedings: Software_ 145(2/3):41â€“50 (1998).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f971213-c365-4dfb-914e-30cee03320e7"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>
\[IEC 60812 2006\] IEE (International Electrotechnical Commission). _Analysis Techniques for System Reliability: Procedure for Failure Mode and Effects Analysis (FMEA)_, 2nd ed. Geneva: IEC (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b4a21ed5-0aca-4924-9020-cf82e9dfb065"><ac:parameter ac:name="">IEEE 754 2006</ac:parameter></ac:structured-macro>
\[IEEE 754 2006\] IEEE (Institute of Electrical and Electronics Engineers). [_Standard for Binary Floating-Point Arithmetic_|http://grouper.ieee.org/groups/754/] (IEEE 754-1985). New York: IEEE (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="454d5a85-1bd6-4a39-8497-2b2670ec522d"><ac:parameter ac:name="">J2SE 00</ac:parameter></ac:structured-macro>
\[J2SE 2000\] JavaTM 2 SDK, Standard Edition Documentation, [J2SE Documentation version 1.3|http://docs.oracle.com/javase/1.3/docs/guide/]. Sun Microsystems/Oracle (2000/2010).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65010dde-71ee-4a2c-b908-52a352fed904"><ac:parameter ac:name="">JarSpec 08</ac:parameter></ac:structured-macro>
\[JarSpec 2008\] J2SE Documentation version 1.5, [Jar File Specification|http://docs.oracle.com/javase/1.5.0/docs/guide/jar/jar.html]. Oracle (2008/2010).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b439bd00-9b84-4b8f-9372-0b8291189374"><ac:parameter ac:name="">Java 06</ac:parameter></ac:structured-macro>
\[Java 2006\] [java: The Java Application Launcher|http://docs.oracle.com/javase/6/docs/technotes/tools/windows/java.html]. Oracle (2006/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65afa68e-4d0b-4044-8e51-ea578e8dc7f6"><ac:parameter ac:name="">Java2NS 99</ac:parameter></ac:structured-macro>
\[Java2NS 1999\] Pistoia, Marco, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani. _Java 2 Network Security_. Upper Saddle River, NJ: Prentice Hall (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="208542d9-77a7-4934-9b6c-2ddb5fdd9ac0"><ac:parameter ac:name="">JavaGenerics 04</ac:parameter></ac:structured-macro>
\[JavaGenerics 2004\] [Java Generics|http://docs.oracle.com/javase/1.5.0/docs/guide/language/generics.html]. Oracle (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e166e9ad-d50a-4a0f-bf5b-d80244f3f4ce"><ac:parameter ac:name="">JavaThreads 99</ac:parameter></ac:structured-macro>
\[JavaThreads 1999\] Oaks, Scott, and Henry Wong. _Java Threads_, 2nd ed. Sebastopol, CA: O'Reilly (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3841b0ff-fdfe-427d-a0a5-cc79d6c35e1a"><ac:parameter ac:name="">JavaThreads 04</ac:parameter></ac:structured-macro>
\[JavaThreads 2004\] Oaks, Scott, and Henry Wong. _Java Threads_, 3rd ed. Sebastopol, CA: O'Reilly (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fc9a8f56-40af-48a0-a590-80112dfd6fb1"><ac:parameter ac:name="">JDK7 08</ac:parameter></ac:structured-macro>
\[JDK7 2008\] [Javaâ„¢ Platform, Standard Edition 7 Documentation|http://docs.oracle.com/javase/7/docs/]. Oracle (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b5bf1c41-46ef-4299-aa3f-aba94ca10724"><ac:parameter ac:name="">JLS 05</ac:parameter></ac:structured-macro>
\[JLS 2005\] Gosling, James, Bill Joy, Guy Steele, and Gilad Bracha. _Java Language Specification_, 3rd ed. Upper Saddle River, NJ: Prentice Hall (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ed123cd3-81a4-4bdf-bbce-010176451a94"><ac:parameter ac:name="">JLS 11</ac:parameter></ac:structured-macro>
\[JLS 2011\] Gosling, James, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley. [_Java Language Specification: Java SE 7 Edition_|http://docs.oracle.com/javase/specs/jls/se7/html/index.html]. Oracle America (2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0b8ff815-a6e7-4f1a-ae52-6141708dcd6e"><ac:parameter ac:name="">JMX 06</ac:parameter></ac:structured-macro>
\[JMX 2006\] [Monitoring and Management for the Java Platform|http://docs.oracle.com/javase/6/docs/technotes/guides/management/index.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3ca54e9a-6735-46e0-ba13-0da1fbcf37ea"><ac:parameter ac:name="">JMXG 06</ac:parameter></ac:structured-macro>
\[JMXG 2006\] [Java SE Monitoring and Management Guide|http://docs.oracle.com/javase/6/docs/technotes/guides/management/toc.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d82adfc5-745e-46b5-a115-3e137cc573eb"><ac:parameter ac:name="">JNI 06</ac:parameter></ac:structured-macro>
\[JNI 2006\] [Java Native Interface|http://docs.oracle.com/javase/6/docs/technotes/guides/jni/index.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5d467886-fdc9-440f-a0fa-c485a6bcb314"><ac:parameter ac:name=""> Jovanovic 06</ac:parameter></ac:structured-macro>
\[Jovanovic 2006\] Jovanovic, Nenad, Christopher Kruegel, and Engin Kirda. [Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)|http://dx.doi.org/10.1109/SP.2006.29]. In _Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06)_, pp. 258â€“263, May 21â€“24, Oakland, CA (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1835e102-6113-4061-8503-17695cf6b77e"><ac:parameter ac:name="">JPDA 04</ac:parameter></ac:structured-macro>
\[JPDA 2004\] [Java Platform Debugger Architecture (JPDA)|http://docs.oracle.com/javase/6/docs/technotes/guides/jpda/index.html]. Oracle (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29fbd055-2481-48ed-ad22-b0712e10d63a"><ac:parameter ac:name="">JPL 06</ac:parameter></ac:structured-macro>
\[JPL 2006\] Arnold, Ken, James Gosling, and David Holmes. _The Javaâ„¢ Programming Language_, 4th ed. Reading, MA: Addison-Wesley Professional (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="55e9efb8-a59c-4052-8fe7-ad318b1f7849"><ac:parameter ac:name="">JSR-133 04</ac:parameter></ac:structured-macro>
\[JSR-133 2004\] [JSR-133: JavaTM Memory Model and Thread Specification|http://www.cs.umd.edu/~pugh/java/memoryModel/jsr133.pdf] (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="02596638-8171-4757-99f6-8e4b4146068c"><ac:parameter ac:name="">JVMTI 06</ac:parameter></ac:structured-macro>
\[JVMTI 2006\] [Java Virtual Machine Tool Interface (JVM TI)|http://docs.oracle.com/javase/6/docs/technotes/guides/jvmti/index.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="34bb9bde-c002-4dce-906f-345edbc39e69"><ac:parameter ac:name="">JVMSpec 99</ac:parameter></ac:structured-macro>
\[JVMSpec 1999\] [The Java Virtual Machine Specification|http://docs.oracle.com/javase/specs/]. Oracle (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="48ba8bd9-0adf-4915-8e47-3db2829101e2"><ac:parameter ac:name="">Kabanov 09</ac:parameter></ac:structured-macro>
\[Kabanov 2009\] Kabanov, Jevgeni. [The Ultimate Java Puzzler|http://dow.ngra.de/2009/02/16/the-ultimate-java-puzzler/] (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d4ebf4e3-c64b-4b6e-8e8f-b2fbbb4a1ca0"><ac:parameter ac:name="">Kabutz 01</ac:parameter></ac:structured-macro>
\[Kabutz 2001\] Kabutz, Heinz M. _The Java Specialists' Newsletter_. (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1f0d68bc-7b2b-42f9-94dd-c533b995ee7c"><ac:parameter ac:name="">Kalinovsky 04</ac:parameter></ac:structured-macro>
\[Kalinovsky 2004\] Kalinovsky, Alex. _Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering_. Indianapolis: SAMS (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="144ade9c-a8d7-4af7-8307-f1a467620460"><ac:parameter ac:name="">Knoernschild 01</ac:parameter></ac:structured-macro>
\[Knoernschild 2001\] Knoernschild, Kirk. _Javaâ„¢ Design: Objects, UML, and Process_. Boston: Addison-Wesley Professional (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3a145da5-0c17-4e9d-b4fb-51416a46faee"><ac:parameter ac:name="">Lai 08</ac:parameter></ac:structured-macro>
\[Lai 2008\] Lai, Charlie. Java Insecurity: Accounting for Subtleties That Can Compromise Code. _IEEE Software_ 25(1):13â€“19 (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d97ab71-3848-491c-84f1-b71af0199d71"><ac:parameter ac:name="">Langer 08</ac:parameter></ac:structured-macro>
\[Langer 2008\] Langer, Angelica, trainer and consultant. [http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html|http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html] (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a208e3c-3e65-4747-86a6-2ca3aaf08a26"><ac:parameter ac:name="">Lea 00</ac:parameter></ac:structured-macro>
\[Lea 2000\] Lea, Doug. _Concurrent Programming in Java: Design Principles and Patterns_, 2nd ed. Reading, MA: Addison-Wesley (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66813092-0b9e-4ee1-a20e-63043539d10b"><ac:parameter ac:name="">Lea 00b</ac:parameter></ac:structured-macro>
\[Lea 2000b\] Lea, Doug, and William Pugh. [Correct and Efficient Synchronization of Javaâ„¢ Technologyâ€“based Threads|http://www.cs.umd.edu/~pugh/java/memoryModel/TS-754.pdf]. JavaOne Conference (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e50e8a1a-31a5-4ec3-99b9-b5a70ba93992"><ac:parameter ac:name="">Lea 08</ac:parameter></ac:structured-macro>
\[Lea 2008\] Lea, Doug. [The JSR-133 Cookbook for Compiler Writers|http://g.oswego.edu/dl/jmm/cookbook.html] (2008/2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b85210cb-43f4-4644-be1e-b9dba578deac"><ac:parameter ac:name="">Lee 09</ac:parameter></ac:structured-macro>
\[Lee 2009\] Lee, Sangjin, Mahesh Somani, and Debashis Saha eBay Inc. [Robust and Scalable Concurrent Programming: Lessons from the Trenches|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4620.pdf]. JavaOne Conference (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5b581f58-1de7-4251-95e3-e01f4b3ac18e"><ac:parameter ac:name="">Liang 97</ac:parameter></ac:structured-macro>
\[Liang 1997\] Liang, Sheng. _The Javaâ„¢ Native Interface, Programmer's Guide and Specification_. Reading, MA: Addison-Wesley (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7e5651f4-37a3-40a3-ad97-6c7ff3189809"><ac:parameter ac:name="">Liang 98</ac:parameter></ac:structured-macro>
\[Liang 1998\] Liang, Sheng, and Gilad Bracha. [Dynamic Class Loading in the Javaâ„¢ Virtual Machine|http://portal.acm.org/citation.cfm?doid=286936.286945]. In _Proceedings of the 13th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications_, New York (1998).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="32117839-32ea-4558-98f5-89db0d6c48bd"><ac:parameter ac:name="">Lieberman 86</ac:parameter></ac:structured-macro>
\[Lieberman 1986\] Lieberman, Henry. [Using Prototypical Objects to Implement Shared Behavior in Object-Oriented Systems|http://portal.acm.org/citation.cfm?id=28718]. In _Proceedings of the Conference on Object-Oriented Programming Systems, Languages and Applications_, pp. 214â€“223, Portland, OR (1986).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="743d4e1a-ea61-45d9-8027-c5f4e44c436e"><ac:parameter ac:name="">Lo 05</ac:parameter></ac:structured-macro>
\[Lo 2005\] Lo, Chia-Tien Dan, Srisa-an, Witawas, and Chang, J. Morris. [Security Issues in Garbage Collection|http://www.eng.auburn.edu/users/hamilton/security/papers/STSC%20CrossTalk%20-%20Security%20Issues%20in%20Garbage%20Collection%20-%20Oct%A02005.pdf]. _STSC Crosstalk_, (2005, October).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2b0f287-008d-48ab-a8dc-72fcfd14f24c"><ac:parameter ac:name="">Long 05</ac:parameter></ac:structured-macro>
\[Long 2005\] Long, Fred. [Software Vulnerabilities in Java|http://www.sei.cmu.edu/publications/documents/05.reports/05tn044.html]. CMU/SEI-2005-TN-044 (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="564ae3ea-cf3f-4341-8637-d24daeeb207e"><ac:parameter ac:name="">Long 11</ac:parameter></ac:structured-macro>
\[Long 2011\] Long, Fred, Dhruv Mohindra, Robert C. Seacord, and Dean F. Sutherland. _The CERT Oracle Secure Coding Standard for Java_, SEI Series in Software Engineering. Upper Saddle River, NJ: Addison-Wesley (2011)

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="62fcefd5-c99e-43a8-828a-364c05be93eb"><ac:parameter ac:name="">Low 97</ac:parameter></ac:structured-macro>
\[Low 1997\] Low, Douglas. Protecting Java Code via Obfuscation. _Crossroads_ 4(3):21â€“23 (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0e4b6cac-ac98-4237-8ba5-9c280cbf230f"><ac:parameter ac:name="">Macgregor 98</ac:parameter></ac:structured-macro>
\[Macgregor 1998\] MacGregor, Robert, Dave Durbin, John Owlett, and Andrew Yeomans. _Java Network Security_. Upper Saddle River, NJ: Prentice Hall PTR (1998).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="99455676-5fad-42c6-812c-d97e02d1e410"><ac:parameter ac:name="">Mahmoud 02</ac:parameter></ac:structured-macro>
\[Mahmoud 2002\] Mahmoud, H. Qusay. [Compressing and Decompressing Data Using Java APIs|http://java.sun.com/developer/technicalArticles/Programming/compression/]. Oracle (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5fc9d66d-e595-4627-b50c-d1bf172c913e"><ac:parameter ac:name="">Mak 02</ac:parameter></ac:structured-macro>
\[Mak 2002\] Mak, Ronald. _Java Number Cruncher: The Java Programmer's Guide to Numerical Computing_. Upper Saddle River, NJ: Prentice Hall (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b406249c-bdc4-4d0a-b8b0-e5ff961070ce"><ac:parameter ac:name="">Manson 04</ac:parameter></ac:structured-macro>
\[Manson 2004\] Manson, Jeremy, and Brian Goetz. [JSR 133 (Java Memory Model) FAQ|http://www.cs.umd.edu/~pugh/java/memoryModel/jsr-133-faq.html#finalRight] (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="775cc518-aa2a-4b41-b19a-50fd23bb36c1"><ac:parameter ac:name="">Manson 06</ac:parameter></ac:structured-macro>
\[Manson 2006\] Manson, Jeremy, and William Pugh. [The Javaâ„¢ Memory Model: The Building Block of Concurrency|http://developers.sun.com/learning/javaoneonline/2006/coreplatform/TS-1630.pdf]. JavaOne Conference (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="671583ac-08e3-4749-b4ca-b3897d93c9e8"><ac:parameter ac:name="">Martin 96</ac:parameter></ac:structured-macro>
\[Martin 1996\] Martin, Robert C. [Granularity|http://www.objectmentor.com/resources/articles/granularity.pdf]. _The C++ Report_ 8(10):57â€“62 (1996).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25a95d81-00d6-47c0-9baa-37cae4d2566f"><ac:parameter ac:name="">McCluskey 01</ac:parameter></ac:structured-macro>
\[McCluskey 2001\] McCluskey, Glen. Java Developer Connection Tech Tips. (2001, April 10).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1a147ba4-19d2-4a27-a5d2-d42d268b7f91"><ac:parameter ac:name="">McGraw 99</ac:parameter></ac:structured-macro>
\[McGraw 1999\] McGraw, Gary, and Edward W. Felten. _Securing Java: Getting Down to Business with Mobile Code_. New York: Wiley (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b2e204ba-abfd-46ce-9394-e313a93f89c7"><ac:parameter ac:name="">McGraw 98</ac:parameter></ac:structured-macro>
\[McGraw 1998\] McGraw, Gary, and Edward W. Felten. [Twelve Rules for Developing More Secure Java Code|http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules.html]. _JavaWorld.com_ (1998).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cec06908-014c-4b07-8ce5-d66beceb3584"><ac:parameter ac:name="">Miller 09</ac:parameter></ac:structured-macro>
\[Miller 2009\] Miller, Alex. [Javaâ„¢ Platform Concurrency Gotchas|http://developers.sun.com/learning/javaoneonline/sessions/2009/pdf/TS-4863.pdf]. JavaOne Conference (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e2a865d6-1ebd-49e9-aab4-84ebe4ee6597"><ac:parameter ac:name="">MITRE 09</ac:parameter></ac:structured-macro>
\[MITRE 2009\] MITRE Corporation. [Common Weakness Enumeration|http://cwe.mitre.org/] (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c92ee7e3-a7cf-4e13-bbec-236a41928f5c"><ac:parameter ac:name="">Mocha 07</ac:parameter></ac:structured-macro>
\[Mocha 2007\] [Mocha, the Java Decompiler|http://www.brouhaha.com/~eric/software/mocha/] (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4107ebdf-2b35-46c0-9aea-c9cab326d4d2"><ac:parameter ac:name="">Monsch 06</ac:parameter></ac:structured-macro>
\[Monsch 2006\] Monsch, Jan P. [Ruining Security with java.util.Random|http://www.iplosion.com/papers/ruining_security_with_java.util.random_v1.0.p], Version 1.0 (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c7bf7ae-ad85-491e-b949-458cfff48285"><ac:parameter ac:name="">MSDN 09</ac:parameter></ac:structured-macro>
\[MSDN 2009\] Microsoft. [Using SQL Escape Sequences|http://msdn.microsoft.com/en-us/library/ms378045(SQL.90).aspx] (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="39f593b4-6148-4daa-885e-4ece59f45e45"><ac:parameter ac:name="">Muchow 01</ac:parameter></ac:structured-macro>
\[Muchow 2001\] Muchow, John W. [MIDlet Packaging with J2ME|http://www.onjava.com/pub/a/onjava/2001/04/26/midlet.html]. _ONJava_ (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d2cf85d1-1709-4835-a978-b85d1c21dbf1"><ac:parameter ac:name="">M&amp;#xFC;ller 02</ac:parameter></ac:structured-macro>
\[MÃ¼ller 2002\] MÃ¼ller, Andreas, and Geoffrey Simmons. [Exception Handling: Common Problems and Best Practice with Java 1.4|http://www.old.netobjectdays.org/pdf/02/papers/industry/1430.pdf]. Sun Microsystems (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="769a3e81-a062-4f48-a031-29674014986d"><ac:parameter ac:name="">Naftalin 06</ac:parameter></ac:structured-macro>
\[Naftalin 2006\] Naftalin, Maurice, and Philip Wadler. _Java Generics and Collections_. Sebastopol, CA: O'Reilly (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c38b5b9-80b6-4fa9-b2cc-2ba257958e85"><ac:parameter ac:name="">Naftalin 06b</ac:parameter></ac:structured-macro>
\[Naftalin 2006b\] Naftalin, Maurice, and Philip Wadler. [Javaâ„¢ Generics and Collections: Tools for Productivity|http://gceclub.sun.com.cn/java_one_online/2007/pdf/TS-2890.pdf]. JavaOne Conference (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4fb3f484-e810-42ec-9d8f-a41f3ab10647"><ac:parameter ac:name="">Netzer 92</ac:parameter></ac:structured-macro>
\[Netzer 1992\] Netzer, Robert H. B., and Barton P. Miller. [What Are Race Conditions? Some Issues and Formalization|http://portal.acm.org/citation.cfm?id=130616.130623]. _ACM Letters on Programming Languages and Systems_ 1(1):74â€“88 (1992).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7bc1f0dd-cf0b-45f0-8f4b-45af8a8bca79"><ac:parameter ac:name="">Neward 04</ac:parameter></ac:structured-macro>
\[Neward 2004\] Neward, Ted. _Effective Enterprise Java_. Boston: Addison-Wesley (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2c357682-adbf-477a-8aa9-108edf19cc7b"><ac:parameter ac:name="">Nisewanger 07</ac:parameter></ac:structured-macro>
\[Nisewanger 2007\] Nisewanger, Jeff. [Avoiding Antipatterns|http://developers.sun.com/learning/javaoneonline/2007/pdf/TS-2594.pdf]. JavaOne Conference (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f28469e-6736-46da-bd78-606084fa8108"><ac:parameter ac:name="">Nolan 04</ac:parameter></ac:structured-macro>
\[Nolan 2004\] Nolan, Godfrey. _Decompiling Java_. Berkeley, CA: Apress (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f94c7ab7-576c-44e9-8439-57e3af8467dc"><ac:parameter ac:name="">Oaks 01</ac:parameter></ac:structured-macro>
\[Oaks 2001\] Oaks, Scott. _Java Security_. Sebastopol, CA: O'Reilly (2001).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="86c1a4b3-6a28-484e-accd-6cc12a0075f2"><ac:parameter ac:name="">Oracle 10</ac:parameter></ac:structured-macro>
\[Oracle 2010a\] [Java SE 6 HotSpot\[tm\] Virtual Machine Garbage Collection Tuning|http://www.oracle.com/technetwork/java/javase/gc-tuning-6-140523.html]. Oracle (2010).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2f776f4c-47b8-4f35-9a10-67bbc78ed185"><ac:parameter ac:name="">OWASP 05</ac:parameter></ac:structured-macro>
\[OWASP 2005\] OWASP (Open Web Application Security Project). [A Guide to Building Secure Web Applications and Web Services|https://www.owasp.org/index.php/OWASP_Guide_Project] (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e59c47ec-b9cc-4f39-8281-90f86740ca57"><ac:parameter ac:name="">OWASP 07</ac:parameter></ac:structured-macro>
\[OWASP 2007\] OWASP (Open Web Application Security Project). [OWASP Top 10 for JAVA EE|https://www.owasp.org/images/8/89/OWASP_Top_10_2007_for_JEE.pdf] (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f1001459-dc77-408a-8d4d-8bbfed22a22d"><ac:parameter ac:name="">OWASP 08</ac:parameter></ac:structured-macro>
\[OWASP 2008\] [OWASP (Open Web Application Security Project).|http://www.owasp.org/index.php/Main_Page] (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c190fcb1-7e8b-4931-908d-b9766d1c35a6"><ac:parameter ac:name="">Permissions 08</ac:parameter></ac:structured-macro>
\[Permissions 2008\] [Permissions in the Javaâ„¢ SE 6 Development Kit (JDK)|http://docs.oracle.com/javase/6/docs/technotes/guides/security/permissions.html]. Oracle (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09c05611-fece-4808-a531-a27c92cbff0f"><ac:parameter ac:name="">Philion 03</ac:parameter></ac:structured-macro>
\[Philion 2003\] Philion, Paul. [Beware the Dangers of Generic Exceptions|http://www.javaworld.com/javaworld/jw-10-2003/jw-1003-generics.html?page=2#sidebar1]. _JavaWorld.com_ (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b0aa6226-cb39-4d0b-ab16-d620b1d56942"><ac:parameter ac:name="">Phillips 05</ac:parameter></ac:structured-macro>
\[Phillips 2005\] Phillips, Addison P. [Are We Counting Bytes Yet? Writing Encoding Converters Using Java NIO|http://www.inter-locale.com/whitepaper/IUC27-a303.html]. Paper presented at the 27th Internationalization and Unicode Conference, April 6â€“8, Berlin (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3d8200a3-3bf7-4e95-b7c4-2dcb8089ce72"><ac:parameter ac:name="">Pistoia 04</ac:parameter></ac:structured-macro>
\[Pistoia 2004\] Pistoia, Marco, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin. _Enterprise Java Security: Building Secure J2EE Applications_. Boston: Addison-Wesley (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c08c339-70a4-4d07-b72f-dcd4445459f8"><ac:parameter ac:name="">Policy 02</ac:parameter></ac:structured-macro>
\[Policy 2002\] [Default Policy Implementation and Policy File Syntax| http://docs.oracle.com/javase/1.4.2/docs/guide/security/PolicyFiles.html], Document revision 1.6, Sun Microsystems/Oracle (2002/2010).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="072be73e-e20f-44b4-91e2-a1ce9f0e3b27"><ac:parameter ac:name="">Pugh 04</ac:parameter></ac:structured-macro>
\[Pugh 2004\] Pugh, William. [The Java Memory Model (discussions reference)|http://www.cs.umd.edu/~pugh/java/memoryModel/]. Discussion based on work supported by the National Science Foundation under Grant No. 0098162 (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f89b23f3-94c9-4733-a01f-098889a08d81"><ac:parameter ac:name="">Pugh 08</ac:parameter></ac:structured-macro>
\[Pugh 2008\] Pugh, William. [Defective Java Code: Turning WTF Code into a Learning Experience|http://www.oracle.com/technetwork/java/j1sessn-jsp-156302.html]. JavaOne Conference (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="60b9c8a8-6a5a-4544-8543-b3e9fcc33dfe"><ac:parameter ac:name="">Pugh 09</ac:parameter></ac:structured-macro>
\[Pugh 2009\] Pugh, William. [Defective Java Code: Mistakes That Matter|http://www.oracle.com/technetwork/java/j1sessn-jsp-156297.html]. JavaOne Conference (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f8caf2cf-8483-48f2-acd2-f7ebd2d48415"><ac:parameter ac:name="">Reasoning 03</ac:parameter></ac:structured-macro>
\[Reasoning 2003\] [Reasoning Inspection Service Defect Data: Tomcat v 1.4.24|http://www.reasoning.com/pdf/Tomcat_Defect_Report.pdf] (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2ef4ac06-1102-46f9-9362-06b5dedb2156"><ac:parameter ac:name="">Reflect 06</ac:parameter></ac:structured-macro>
\[Reflect 2006\] [Reflection|http://docs.oracle.com/javase/7/docs/technotes/guides/reflection/index.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="12024b4f-4086-42a9-a0a9-11132713dd8f"><ac:parameter ac:name="">Rogue 00</ac:parameter></ac:structured-macro>
\[Rogue 2000\] Vermeulen, Allan, Scott W. Ambler, Greg Bumgardner and Eldon Metz. _The Elements of Java Style_. New York: Cambridge University Press (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5e8f0815-5bdf-4e2f-b8cb-604fcd8db915"><ac:parameter ac:name="">Rotem 08</ac:parameter></ac:structured-macro>
\[Rotem 2008\] Rotem-Gal-Oz, Arnon. [Fallacies of Distributed Computing Explained|http://www.rgoarchitects.com/Files/fallacies.pdf] (white paper) (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd8ab30d-6f79-498f-8985-2c64940f984b"><ac:parameter ac:name="">Roubtsov 03</ac:parameter></ac:structured-macro>
\[Roubtsov 2003\] Roubtsov, Vladimir. [Breaking Java Exception-Handling Rules Is Easy|http://www.javaworld.com/javaworld/javaqa/2003-02/02-qa-0228-evilthrow.html]. _JavaWorld.com_ (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1fe3c5a-0c3f-4c1e-bc45-d9d8e5f09658"><ac:parameter ac:name="">Roubtsov 03b</ac:parameter></ac:structured-macro>
\[Roubtsov 2003b\] Roubtsov, Vladimir. [Into the Mist of Serialization Myths|http://www.javaworld.com/javaworld/javaqa/2003-06/02-qa-0627-mythser.html?page=1]. _JavaWorld.com_ (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25e37df0-bdbd-4855-b581-30de89c55935"><ac:parameter ac:name="">Saltzer 74</ac:parameter></ac:structured-macro>
\[Saltzer 1974\] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. _Communications of the ACM_ 17(7):388â€“402 (1974).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e67ab681-746d-4d6e-8e83-598e792740b2"><ac:parameter ac:name="">Saltzer 75</ac:parameter></ac:structured-macro>
\[Saltzer 1975\] Saltzer, J. H., and M. D. Schroeder. The Protection of Information in Computer Systems. In _Proceedings of the IEEE_ 63(9):1278â€“1308.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c8f325ca-5397-4354-bfd2-fb4c153b1225"><ac:parameter ac:name="">SCG 07</ac:parameter></ac:structured-macro>
\[SCG 2007\] Secure Coding Guidelines for the Java Programming Language, version 2.0. Sun Microsystems (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dc27b486-467c-4c90-bf87-76e64b1590ef"><ac:parameter ac:name="">SCG 09</ac:parameter></ac:structured-macro>
\[SCG 2009\] [Secure Coding Guidelines for the Java Programming Language, version 3.0|https://blogs.oracle.com/mullan/entry/secure_coding_guidelines_for_the]. Oracle (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f6da302c-fb3c-40ca-aac6-9994194c4af0"><ac:parameter ac:name="">Schildt 07</ac:parameter></ac:structured-macro>
\[Schildt 2007\] Schildt, Herb. _Herb Schildt's Java Programming Cookbook_. New York: McGraw-Hill (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="df94bcc9-78a4-4aea-8410-820a12ff970a"><ac:parameter ac:name="">Schneier 00</ac:parameter></ac:structured-macro>
\[Schneier 2000\] Schneier, Bruce. _Secrets and Liesâ€”Digital Security in a Networked World_. New York: Wiley (2000).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cd74bfc1-1a32-4e84-b7b1-d312c8814a2e"><ac:parameter ac:name="">Schoenefeld 04</ac:parameter></ac:structured-macro>
\[Schoenefeld 2004\] Java Vulnerabilities in Opera 7.54 BUGTRAQ Mailing List (bugtraq@securityfocus.com) (2004, November).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0ae93325-a4f1-4c5f-892c-04aa91933a78"><ac:parameter ac:name="">Schwarz 04</ac:parameter></ac:structured-macro>
\[Schwarz 2004\] Schwarz, Don. [Avoiding Checked Exceptions|http://www.oreillynet.com/onjava/blog/2004/09/avoiding_checked_exceptions.html]. _ONJava_ (2004).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="721f77ce-a69d-44a1-83e8-30bc59c95388"><ac:parameter ac:name="">Schweisguth 03</ac:parameter></ac:structured-macro>
\[Schweisguth 2003\] Schweisguth, Dave. [Java Tip 134: When Catching Exceptions, Don't Cast Your Net Too Wide|http://www.javaworld.com/javaworld/javatips/jw-javatip134.html?page=2]. _JavaWorld.com_ (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="36d10e04-bc4d-4e22-a0fb-9974e1be6c96"><ac:parameter ac:name="">SDN 08</ac:parameter></ac:structured-macro>
\[SDN 2008\] [Sun Developer Network|http://developers.sun.com/]. Sun Microsystems (1994/2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0a2cd1ec-f14a-4b32-a4f0-727a2ecf37ef"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>
\[Seacord 2005\] Seacord, Robert C. _Secure Coding in C and C+\+_. Boston: Addison-Wesley (2005). See [http://www.cert.org/books/secure-coding] for news and errata.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2fc200ef-38a2-4508-9363-fca985443211"><ac:parameter ac:name="">SecArch 06</ac:parameter></ac:structured-macro>
\[SecArch 2006\] [Java 2 Platform Security Architecture|http://docs.oracle.com/javase/6/docs/technotes/guides/security/spec/security-spec.doc.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f635eef-dc52-436b-9bb4-3102ecf2df83"><ac:parameter ac:name="">Security 06</ac:parameter></ac:structured-macro>
\[Security 2006\] [Java Security Guides|http://docs.oracle.com/javase/6/docs/technotes/guides/security/]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d125031e-cc02-4f44-ba8f-8a42ead698e1"><ac:parameter ac:name="">SecuritySpec 08</ac:parameter></ac:structured-macro>
\[SecuritySpec 2008\] [Java Security Architecture|http://docs.oracle.com/javase/1.5.0/docs/guide/security/spec/security-specTOC.fm.html]. Oracle (2008/2010).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="308cf1ae-3c67-42d4-9d91-18945c52717b"><ac:parameter ac:name="">Sen 07</ac:parameter></ac:structured-macro>
\[Sen 2007\] Sen, Robi. [Avoid the Dangers of XPath Injection|http://www.ibm.com/developerworks/xml/library/x-xpathinjection.html]. IBM developerWorks (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="329564ff-7851-4eb7-be69-45b809dc81bd"><ac:parameter ac:name="">Steel 05</ac:parameter></ac:structured-macro>
\[Steel 2005\] Steel, Christopher, Ramesh Nagappan, and Ray Lai. _Core Security Patterns: Best Practices and Strategies for J2EEâ„¢, Web Services, and Identity Management_. Upper Saddle River, NJ: Prentice Hall PTR (2005).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="217f12fa-8b18-4180-8513-d6027945a455"><ac:parameter ac:name="">Steele 1977</ac:parameter></ac:structured-macro>
\[Steele 1977\] Steele, Guy Lewis. [Arithmetic Shifting Considered Harmful|http://doi.acm.org/10.1145/956641.956647]. _SIGPLAN Notices_ 12(11):61â€“69 (1977).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0c4f9501-7640-472d-9fc4-be0758fe1b18"><ac:parameter ac:name="">Steinberg 05</ac:parameter></ac:structured-macro>
\[Steinberg 2005\] Steinberg, Daniel H. Java Developer Connection Tech Tips: Using the Varargs Language Feature. (2005, January 4).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dac885d7-9cb3-461f-b0fb-372e95210179"><ac:parameter ac:name="">Sterbenz 06</ac:parameter></ac:structured-macro>
\[Sterbenz 2006\] Sterbenz, Andreas, and Charlie Lai. [Secure Coding Antipatterns: Avoiding Vulnerabilities| https://confluence.ucdavis.edu/confluence/download/attachments/16218/TS-1238.pdf?version=1&modificationDate=1180213302000]. JavaOne Conference (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d342083-d02d-4275-bd78-fa956f340924"><ac:parameter ac:name="">Steuck 02</ac:parameter></ac:structured-macro>
\[Steuck 2002\] Steuck, Gregory. [XXE (Xml eXternal Entity) Attack|http://www.securityfocus.com/archive/1/297714]. SecurityFocus (2002).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a80c070f-c533-44b7-807b-edaa97b3bee6"><ac:parameter ac:name="">Sun 04</ac:parameter></ac:structured-macro>
\[Sun 1999\] [Why Are Thread.stop, Thread.suspend, Thread.resume and Runtime.runFinalizersOnExit Deprecated?|http://docs.oracle.com/javase/1.4.2/docs/guide/misc/threadPrimitiveDeprecation.html] Oracle (1999).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3308015-819f-4eac-ab05-9812eac10570"><ac:parameter ac:name="">Sun 03</ac:parameter></ac:structured-macro>
\[Sun 2003\] [Sun ONE Application Server 7 Performance Tuning Guide|http://docs.oracle.com/cd/E19199-01/817-2180-10/]. Oracle (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8be01374-bbfa-4ac5-910b-b512be26691b"><ac:parameter ac:name="">Sun 06</ac:parameter></ac:structured-macro>
\[Sun 2006\] [Javaâ„¢ Platform, Standard Edition 6 Documentation|http://docs.oracle.com/javase/6/docs/index.html]. Oracle (2006).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3aa8e081-1ca9-438d-8d80-e99cd5461b4b"><ac:parameter ac:name="">Sun 08</ac:parameter></ac:structured-macro>
\[Sun 2008\] [Javaâ„¢ Plug-in and Applet Architecture|http://docs.oracle.com/javase/6/docs/technotes/guides/jweb/applet/applet_execution.html]. Oracle (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="90abae34-ead3-4219-b65e-749e5d45e8b8"><ac:parameter ac:name="">Sutherland 10</ac:parameter></ac:structured-macro>
\[Sutherland 2010\] Sutherland, Dean F., and William L. Scherlis. [Composable Thread Coloring|http://portal.acm.org/citation.cfm?doid=1693453.1693485]. In _Proceedings of the 15th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming_. New York: ACM (2010).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="85bd7932-b19e-4c1e-bf7f-f3bc8a0e20a5"><ac:parameter ac:name=""> Tanenbaum 03</ac:parameter></ac:structured-macro>
\[Tanenbaum 2003\] Tanenbaum, Andrew S., and Maarten Van Steen. _Distributed Systems: Principles and Paradigms_, 2nd. ed. Upper Saddle River, NJ: Prentice Hall.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="be03d499-b308-4b7d-86a1-965c403963f4"><ac:parameter ac:name="">Techtalk 07</ac:parameter></ac:structured-macro>
\[Techtalk 2007\] Bloch, Josh, and William Pugh. The Phantom-Reference Menace, Attack of the Clone, Revenge of the Shift. JavaOne Conference (2007).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3d817593-1fc9-4c74-8c66-f4ded21c1db3"><ac:parameter ac:name="">Tomcat 09</ac:parameter></ac:structured-macro>
\[Tomcat 2009\] Tomcat Documentation: [Changelog|http://tomcat.apache.org/tomcat-6.0-doc/changelog.html] and [Security Fixes|http://tomcat.apache.org/security-6.html]. Apache Software Foundation (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3920847e-3fd7-45a3-8238-2f841ccb937d"><ac:parameter ac:name="">Tools 11</ac:parameter></ac:structured-macro>
\[Tools 2011\] [JDK Tools and Utilities Specification|http://download.oracle.com/javase/7/docs/technotes/tools/index.html]. Oracle (2011).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c2ee8f15-1343-4ba8-985d-1eb5813458d9"><ac:parameter ac:name="">Tutorials 08</ac:parameter></ac:structured-macro>
\[Tutorials 2008\] [The Java Tutorials|http://docs.oracle.com/javase/tutorial/index.html]. Oracle (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="170b542c-a1dc-4f06-b7a0-421270859b09"><ac:parameter ac:name="">Unicode 09</ac:parameter></ac:structured-macro>
\[Unicode 2009\] The Unicode Consortium. The Unicode Standard, Version 5.2.0, defined by [_The Unicode Standard, Version 5.2_|http://www.unicode.org/versions/Unicode5.2.0/]. Mountain View, CA: The Unicode Consortium (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3a4d8518-cfed-4a72-a4c7-06ac3b4dfc2a"><ac:parameter ac:name="">Venners 97</ac:parameter></ac:structured-macro>
\[Venners 1997\] Venners, Bill. [Security and the Class Loader Architecture|http://www.javaworld.com/javaworld/jw-09-1997/jw-09-hood.html?page=1]. _Java World.com_ (1997).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5974fc7e-f724-4034-b050-12b09f610d11"><ac:parameter ac:name="">Venners 03</ac:parameter></ac:structured-macro>
\[Venners 2003\] Venners, Bill. [Failure and Exceptions: A Conversation with James Gosling, Part II|http://www.artima.com/intv/solid.html]. (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1dd5ce61-6226-4fe5-b0b6-80907ac6030f"><ac:parameter ac:name="">W3C 08</ac:parameter></ac:structured-macro>
\[W3C 2008\] Bray, Tim, Jean Paoli, C. M. Sperberg-McQueen, Eve Maler, and FranÃ§ois Yergeau. [Extensible Markup Language (XML) 1.0, 5th ed|http://www.w3.org/TR/2008/REC-xml-20081126/]. W3C Recommendation (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="abc5a5d5-db85-4533-977f-5ef29e87b15f"><ac:parameter ac:name="">Ware 08</ac:parameter></ac:structured-macro>
\[Ware 2008\] Ware, Michael S. [Writing Secure Java Code:A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools|http://mikeware.us/thesis/] (thesis). James Madison University (2008).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c78c56ae-9a3f-45d8-84b4-ef8221262d47"><ac:parameter ac:name="">Weber 09</ac:parameter></ac:structured-macro>
\[Weber 2009\] Weber, Chris. [Exploiting Unicode-Enabled Software|http://www.lookout.net/wp-content/uploads/2009/03/chris_weber_exploiting-unicode-enabled-software-v15.pdf]. CanSecWest (2009).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d37068aa-a7ee-49d6-9bd4-208d77ecfc09"><ac:parameter ac:name="">Wheeler 03</ac:parameter></ac:structured-macro>
\[Wheeler 2003\] Wheeler, David A. [Secure Programming for Linux and UNIX HOWTO|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html] (2003).

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9128ed61-662e-4d97-9dac-14fde83dfc44"><ac:parameter ac:name="">Zukowski 04</ac:parameter></ac:structured-macro>
\[Zukowski 2004\] Zukowski, John. [Java Developer Connection Tech Tips: Creating Custom Security Permissions|http://java.sun.com/developer/JDCTechTips/2004/tt0518.html#2] (2004).