SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 255

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 256

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
Abadi 96
Abadi 96

[Abadi 1996] Abadi, Martin, and Roger Needham. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering 22(1):6–15 6–15 (1996).

Anchor
API 06
API 06

[API 2006] Java Platform, Standard Edition 6 API Specification. Oracle (2006/2011).

...

Anchor
Black 04
Black 04

[Black 2004] Black, Paul E., and Paul J. Tanenbaum. "partial Partial order." In Dictionary of Algorithms and Data Structures [online]. Paul E. Black, ed., U.S. National Institute of Standards and Technology (2004).

Anchor
Black 06
Black 06

[Black 2006] Black, Paul E., and Paul J. Tanenbaum. "total Total order." In Dictionary of Algorithms and Data Structures [online]. Paul E. Black, ed., U.S. National Institute of Standards and Technology (2006).

...

Anchor
Cohen 81
Cohen 81

[Cohen 1981] Cohen, D. On Holy Wars and a Plea for Peace, IEEE Computer, 14(10):48–54 48–54 (1981).

Anchor
Conventions 09
Conventions 09

[Conventions 2009] Code Conventions for the Java Programming Language. Oracle (2009).

...

Anchor
Davis 08
Davis 08

[Davis 2008] Davis, Mark, and Martin DürstKen Whistler. Unicode Standard Annex #15: Unicode Normalization Forms (2008).

...

Anchor
Dennis 1966
Dennis 1966

[Dennis 1966] Dennis, Jack B., and Earl C. Van Horn. 1966. Programming Semantics for Multiprogrammed Computations. Communications of the ACM, 9(3):143–155 143–155 (1966). doi: 10.1145/365230.365252.

...

Anchor
Gupta 05
Gupta 05

[Gupta 2005] Gupta, Satish Chandra, and Rajeev Palanki. Java Memory Leaks—Catch Leaks—Catch Me If You Can: Detecting Java Leaks Using IBM Rational Application Developer 6.0. IBM developerWorks (2005).

Anchor
Haack 06
Haack 06

[Haack 2006] Haack, Christian, Erik Poll, Jan SchäferSchäfer, and Aleksy Schubert. Immutable Objects in Java. Research report, Radboud University Nijmegen (2006).

Anchor
Haggar 00
Haggar 00

[Haggar 2000] Haggar, Peter. _Practical Java™ Java™ Programming Language Guide_. Reading, MA: Addison-Wesley Professional (2000).

...

Anchor
Hitchens 02
Hitchens 02

[Hitchens 2002] Hitchens, Ron. _Java™ Java™ NIO_. Cambridge, MA: O'Reilly (2002).

Anchor
Hornig 07
Hornig 07

[Hornig 2007] Hornig, Charles. Advanced Java™ Java™ Globalization. JavaOne Conference (2007).

...

Anchor
Hunt 98
Hunt 98

[Hunt 1998] Hunt, J., and F. Long. Java's Reliability: An Analysis of Software Defects in Java. IEE Proceedings: Software 145(2/3):41–50 41–50 (1998).

Anchor
IEC 60812 2006
IEC 60812 2006

[IEC 60812 2006] IEE (International Electrotechnical Commission). Analysis Techniques for System Reliability: Procedure for Failure Mode and Effects Analysis (FMEA), 2nd ed. Geneva: IEC (2006).

...

Anchor
JDK7 08
JDK7 08

[JDK7 2008] Java™ Java™ Platform, Standard Edition 7 Documentation. Oracle (2008).

...

Anchor
Jovanovic 06
Jovanovic 06

[Jovanovic 2006] Jovanovic, Nenad, Christopher Kruegel, and Engin Kirda. Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper). In Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pp. 258–263258–263, May 21–2421–24, Oakland, CA (2006).

Anchor
JPDA 04
JPDA 04

[JPDA 2004] Java Platform Debugger Architecture (JPDA). Oracle (2004).

Anchor
JPL 06
JPL 06

[JPL 2006] Arnold, Ken, James Gosling, and David Holmes. _The Java™ Java™ Programming Language_, 4th ed. Reading, MA: Addison-Wesley Professional (2006).

Anchor
JSR-133 04
JSR-133 04

[JSR-133 2004] JSR-133: JavaTM Java™ Memory Model and Thread Specification (2004).

...

Anchor
Knoernschild 01
Knoernschild 01

[Knoernschild 2001] Knoernschild, Kirk. _Java™ Java™ Design: Objects, UML, and Process_. Boston: Addison-Wesley Professional (2001).

Anchor
Lai 08
Lai 08

[Lai 2008] Lai, Charlie. Java Insecurity: Accounting for Subtleties That Can Compromise Code. IEEE Software 25(1):13–19 13–19 (2008).

Anchor
Langer 08
Langer 08

[Langer 2008] Langer, Angelica, trainer and consultant. http://www.angelikalanger.com/GenericsFAQ/FAQSections/ProgrammingIdioms.html (2008).

...

Anchor
Lea 00b
Lea 00b

[Lea 2000b] Lea, Doug, and William Pugh. Correct and Efficient Synchronization of Java™ Technology–based Java™ Technology–based Threads. JavaOne Conference (2000).

...

Anchor
Lee 09
Lee 09

[Lee 2009] Lee, Sangjin, Mahesh Somani, and Debashis Saha, eBay Inc. Robust and Scalable Concurrent Programming: Lessons from the Trenches. JavaOne Conference (2009).

Anchor
Liang 97
Liang 97

[Liang 1997] Liang, Sheng. _The Java™ Java™ Native Interface, : Programmer's Guide and Specification_. Reading, MA: Addison-Wesley (1997).

Anchor
Liang 98
Liang 98

[Liang 1998] Liang, Sheng, and Gilad Bracha. Dynamic Class Loading in the Java™ Java™ Virtual Machine. In Proceedings of the 13th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, New York (1998).

Anchor
Lieberman 86
Lieberman 86

[Lieberman 1986] Lieberman, Henry. Using Prototypical Objects to Implement Shared Behavior in Object-Oriented Systems. In Proceedings of the Conference on Object-Oriented Programming Systems, Languages and Applications, pp. 214–223214–223, Portland, OR (1986).

Anchor
Lo 05
Lo 05

[Lo 2005] Lo, Chia-Tien Dan, Witawas Srisa-an, Witawas, and Chang, J. Morris Chang. Security Issues in Garbage Collection. STSC Crosstalk, (2005, October).

...

Anchor
Long 11
Long 11

[Long 2011] Long, Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, and David Svoboda. The CERT Oracle Secure Coding Standard for Java, SEI Series in Software Engineering. Upper Saddle River, NJ: Addison-Wesley (2011)

Anchor
Low 97
Low 97

[Low 1997] Low, Douglas. Protecting Java Code via Obfuscation. Crossroads 4(3):21–23 21–23 (1997).

Anchor
Macgregor 98
Macgregor 98

[Macgregor 1998] MacGregor, Robert, Dave Durbin, John Owlett, and Andrew Yeomans. Java Network Security. Upper Saddle River, NJ: Prentice Hall PTR (1998).

...

Anchor
Manson 06
Manson 06

[Manson 2006] Manson, Jeremy, and William Pugh. The Java™ Java™ Memory Model: The Building Block of Concurrency. JavaOne Conference (2006).

Anchor
Martin 96
Martin 96

[Martin 1996] Martin, Robert C. Granularity. The C++ Report 8(10):57–62 57–62 (1996).

Anchor
McCluskey 01
McCluskey 01

[McCluskey 2001] McCluskey, Glen. Java Developer Connection Tech Tips. (2001, April 10).

...

Anchor
Mettler 10b
Mettler 10b

[Mettler 2010b] Adrian Mettler and David Wagner, Class Properties for Security Review in an Object-Capability Subset of Java, Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '10). ACM, Article 7, DOI doi: 10.1145/1814217.1814224, 2010.

...

Anchor
Permissions 08
Permissions 08

[Permissions 2008] Permissions in the Java™ Java™ SE 6 Development Kit (JDK). Oracle (2008).

...

Anchor
Phillips 05
Phillips 05

[Phillips 2005] Phillips, Addison P. Are We Counting Bytes Yet? Writing Encoding Converters Using Java NIO. Paper presented at the 27th Internationalization and Unicode Conference, April 6–86–8, Berlin (2005).

Anchor
Pistoia 04
Pistoia 04

[Pistoia 2004] Pistoia, Marco, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin. Enterprise Java Security: Building Secure J2EE Applications. Boston: Addison-Wesley (2004).

...

Anchor
Rogue 00
Rogue 00

[Rogue 2000] Vermeulen, Allan, Scott W. Ambler, Greg Bumgardner, and Eldon Metz. The Elements of Java Style. New York: Cambridge University Press (2000).

...

Anchor
Saltzer 74
Saltzer 74

[Saltzer 1974] Saltzer, J. H. Protection and the Control of Information Sharing in Multics. Communications of the ACM 17(7):388–402 388–402 (1974).

Anchor
Saltzer 75
Saltzer 75

[Saltzer 1975] Saltzer, J. H., and M. D. Schroeder. The Protection of Information in Computer Systems. In Proceedings of the IEEE 63(9):1278–13081278–1308.

Anchor
SCG 07
SCG 07

[SCG 2007] Secure Coding Guidelines for the Java Programming Language, version 2.0. Sun Microsystems (2007).

...

Anchor
Schneier 00
Schneier 00

[Schneier 2000] Schneier, Bruce. _Secrets and Lies—Digital Lies—Digital Security in a Networked World_. New York: Wiley (2000).

...

Anchor
Seacord 05
Seacord 05

[Seacord 2005] Seacord, Robert C. Secure Coding in C and C++. Boston: Addison-Wesley (2005). See http://www.cert.org/books/secure-coding for news and errata.

Anchor
Seacord 13
Seacord 13

[Seacord 2013] Seacord, Robert C. Secure Coding in C and C++, 2nd ed. Boston: Addison-Wesley (2005). See http://www.cert.org/books/secure-coding for news and errata.

Anchor
SecArch 06
SecArch 06

[SecArch 2006] Java 2 Platform Security Architecture. Oracle (2006).

...

Anchor
Steel 05
Steel 05

[Steel 2005] Steel, Christopher, Ramesh Nagappan, and Ray Lai. _Core Security Patterns: Best Practices and Strategies for J2EE™J2EE™, Web Services, and Identity Management_. Upper Saddle River, NJ: Prentice Hall PTR (2005).

Anchor
Steele 1977
Steele 1977

[Steele 1977] Steele, Guy Lewis. Arithmetic Shifting Considered Harmful. SIGPLAN Notices 12(11):61–69 61–69 (1977).

Anchor
Steinberg 05
Steinberg 05

[Steinberg 2005] Steinberg, Daniel H. Java Developer Connection Tech Tips: Using the Varargs Language Feature. (2005, January 4).

...

Anchor
Sun 08
Sun 08

[Sun 2008] Java™ Java™ Plug-in and Applet Architecture. Oracle (2008).

...

Anchor
W3C 08
W3C 08

[W3C 2008] Bray, Tim, Jean Paoli, C. M. Sperberg-McQueen, Eve Maler, and François François Yergeau. Extensible Markup Language (XML) 1.0, 5th ed. W3C Recommendation (2008).

...

Anchor
Zadegan 09
Zadegan 09

[Zadegan 2009] Zadegan, Bryant. A lesson Lesson on infinite loopsInfinite Loops (2009).

Anchor
Zukowski 04
Zukowski 04

[Zukowski 2004] Zukowski, John. Java Developer Connection Tech Tips: Creating Custom Security Permissions (2004).