...
This chapter contains guidelines that are concerned specifically with ensuring security of Java-based applications. They are concerned with issues such as:
- dealing Dealing with sensitive data;.
- avoiding Avoiding common injection attacks;.
- language Language features that can be misused to compromise security; and.
- details Details of Java's fine-grained security mechanism.
...
This chapter includes guidelines that are:
- Essential Are essential for ensuring correctness of Java code;.
- SpecificContain specific, implementation-level Java coding advice;.
- Have a higher normative requirement than the defensive programming category.
...
Program understandability is the ease with which the program can be understood. That understood—that is, the ability to determine what a program does and how it works by reading its source code and accompanying documentation [Grubb 2013]. Another term used to describe this property of source code is readability. Understandable code is easier to maintain because software maintainers are less likely to introduce defects into code that is clear and comprehensible. Understandability helps in manual analysis of source code because it allows the auditor to more easily spot defects and vulnerabilities.
The guidelines in this chapter are mainly stylistic in nature; they will help a Java programmer to write code that is clearer and , more readable code.
Content by Label | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
This chapter contains guidelines that address:
- Misconceptions about Java APIs and language features;.
- Assumptions and ambiguity-laced programs;.
- Situations in which the programmer wanted to do x but ended up doing y.
They address areas where developers often make unwarranted assumptions about how Java works , or where ambiguities can easily be introduced.
...