Page History

...

Anchor
Daconta 03 Daconta 03

[Daconta 2003] Daconta, Michael C., Kevin T. Smith, Donald Avondolio, and W. Clay Richardson. More Java Pitfalls: 50 New Time-Saving Solutions and Workarounds. Indianapolis, IN: Wiley (2003).

Anchor
Davis 08 Davis 08

[Davis 2008] Davis, Mark, and Ken Whistler (Ed.). Unicode Standard Annex #15: Unicode Normalization Forms (2008).

...

Anchor
GNU 13 GNU 13

[GNU 2013] GNU Coding Standards, §5.3, "Clean Use of C Constructs." (GNU Coding Standards were written by Richard Stallman and other GNU Project volunteers .) (2013).

Anchor
Goetz 04 Goetz 04

[Goetz 2004] Goetz, Brian. Java Theory and Practice: Garbage Collection and Performance: Hints, Tips, and Myths about Writing Garbage Collection-Friendly Classes. IBM developerWorks (2004).

Anchor
Goetz 06 Goetz 06

[Goetz 2006] Goetz, Brian, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea. Java Concurrency in Practice. Upper Saddle River, NJBoston: Addison-Wesley Professional (2006).

Anchor
Goetz 07 Goetz 07

[Goetz 2007] Goetz, Brian. Java Theory and Practice: Managing Volatility: Guidelines for Using Volatile Variables. IBM developerWorks (20062007).

Anchor
Gong 03 Gong 03

[Gong 2003] Gong, Li, Gary Ellison, and Mary Dageforde. Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd ed. Upper Saddle River, NJ: Prentice Hall Boston: Addison-Wesley (2003).

Anchor
Goodliffe 06 Goodliffe 06

Anchor
Goodliffe 07 Goodliffe 07

[Goodliffe 20062007] Pete Goodliffe. Code Craft: The Practice of Writing Excellent Code. San Francisco: No Starch Press (20062007).

Anchor
Grand 02 Grand 02

[Grand 2002] Grand, Mark. Patterns in Java, Vol. 1, 2nd ed. New York: : A Catalog of Reusable Design Patterns Illustrated with UML, 2nd ed. Indianapolis, IN: Wiley (2002).

Anchor
Grubb 1303 Grubb 1303

[Grubb 20132003] Penny Grubb, and Armstrong A. Takang. Software Maintenance Concepts and Practice, 2nd ed.  River Edge, NJ: World Scientific (20132003).       

Anchor
Guillardoy 12 Guillardoy 12

[Guillardoy 2012] Guillardoy, Esteban (Immunity Products). Java 0-day analysis Analysis (CVE-2012-4681) (August 28, 2012).

Anchor
Hatton 95 Hatton 95

[Hatton 1995] Hatton, Les. Safer C: Developing Software for High-Integrity and Safety-Critical Systems. New York: McGraw-Hill , 1995 (ISBN 0-07-707640-0(1995).

Anchor
Havelund 10 Havelund 10

Anchor
Havelund 09 Havelund 09

[Havelund 20102009]  Havelund, Klaus Havelund, and Al Niessner.  JPL Coding Standard, Version 1.1 (January 25, 2010) 2009)  

Anchor
Hawtin 06 Hawtin 06

[Hawtin 2006] Hawtin, Thomas. [drlvm][kernel_classes] ThreadLocal vulnerabilityVulnerability. MarkMail (2006).

Anchor
Hirondelle 13 Hirondelle 13

[Hirondelle 2013] Hirondelle Systems. Passwords Never Clear in Text (2013).

Anchor
ISO/IEC 01 ISO/IEC 01

[ISO/IEC 9126-1:2001] Software Engineering—Product Quality, Part Quality—Part 1, Quality Model (ISO/IEC 9126-1:2001). Geneva, Switzerland: International Organization for Standardization (2001).

Anchor
ISO/IEC 10 ISO/IEC 10

[ISO/IEC 24765:2010] Software Engineering—Product Quality, Part 1, Quality Model Systems and Software Engineering—Vocabulary (ISO/IEC 24765:2010). Geneva, Switzerland: International Organization for Standardization (2010).

Anchor
JLS 1113 JLS 1113

[JLS 20112013] Gosling, James, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley. Java Language Specification: Java SE 7 Edition. Oracle America (20112013).

Anchor
Jovanovic 06 Jovanovic 06

[Jovanovic 2006] Jovanovic, Nenad, Christopher Kruegel, and Engin Kirda. Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper). In Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pp. 258–263, May 21–24, Oakland, CA (2006).

...

Anchor
JVMSpec 99 JVMSpec 99

[JVMSpec 1999] The Java Virtual Machine Specification. Oracle Sun Microsystems (1999).

Anchor
JVMSpec 13 JVMSpec 13

[JVMSpec 2013] The Java Virtual Machine Specification: Java SE 7 Edition. Oracle America (2013).

Anchor
Kabanov 09 Kabanov 09

[Kabanov 2009] Kabanov, Jevgeni. The Ultimate Java Puzzler (2009).

Anchor
Kalinovsky 04 Kalinovsky 04

[Kalinovsky 2004] Kalinovsky, Alex. Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering. Indianapolis: SAMS (2004).

Anchor
Knoernschild 0102 Knoernschild 0102

[Knoernschild 20012002] Knoernschild, Kirk. Java™ Design: Objects, UML, and Process. Boston: Addison-Wesley Professional (20012002).

Anchor
Lea 00 Lea 00

[Lea 2000] Lea, Doug. Concurrent Programming in Java: Design Principles and Patterns, 2nd ed. Reading, MABoston: Addison-Wesley (2000).

Anchor
Lo 05 Lo 05

[Lo 2005] Lo, Chia-Tien Dan, Witawas Srisa-an, and J. Morris Chang. Security Issues in Garbage Collection. STSC Crosstalk, (2005, October).

Anchor
Long 11 Long 11

Anchor
Long 12 Long 12

[Long 20112012] Long, Fred, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, and David Svoboda. The CERT Oracle Secure Coding Standard for Java, SEI Series in Software Engineering. Upper Saddle River, NJBoston: Addison-Wesley (20112012).

Anchor
Manion 13 Manion 13

[Manion 2013] Manion, Art. Anatomy of Java Exploits, CERT/CC Blog (January 15, 2013).

...

Anchor
McGraw 99 McGraw 99

[McGraw 1999] McGraw, Gary, and Edward W. Felten. Securing Java: Getting Down to Business with Mobile Code, 2nd ed. New York: Wiley (1999).

Anchor
Mettler 10 Mettler 10

[Mettler 2010] Adrian Mettler and David Wagner, Class Properties for Security Review in an Object-Capability Subset of Java, Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '10). ACM, Article 7, doiDOI: 10.1145/1814217.1814224, 2010.

...

Anchor
Oracle 10b Oracle 10b

[Oracle 2010b] New I/O APIs. Oracle (2010).

Anchor
Oracle 11a Oracle 11a

Anchor
Oracle 11 Oracle 11

[Oracle 2011a] Java PKI Programmer's Guide, Oracle, 2011.

Anchor
Oracle 11b Oracle 11b

[Oracle 2011b] Java Platform™, Standard Edition 6 Documentation, Oracle, 2011.

Anchor
Oracle 11c Oracle 11c

[Oracle 2011c] Package javax.servelt.http, Oracle  2011.

Anchor
Oracle 11d Oracle 11d

[Oracle 2011d] Permissions in the Java™ SE 6 Development Kit (JDK), Oracle, 2011.

Anchor
Oracle 12a Oracle 12a

[Oracle 2012a] API for Privileged Blocks. Oracle (1993/2012).

Anchor
Oracle 12b Oracle 12b

[Oracle 2012b] "Reading ASCII Passwords from an InputStream Example," Java Cryptography Architecture (JCA) Reference Guide. Oracle (2012).

Anchor
Oracle 12c Oracle 12c

[Oracle 2012c] Java Platform Standard Edition 7 Documentation. Oracle (2012] Package javax.servlet.http. Oracle (2011).

Anchor
Oracle 12a13a Oracle 12a13a

[Oracle 2012a2013a] API for Privileged Blocks. , Oracle (, 1993/2012)2013.

Anchor
Oracle 12b13b Oracle 12b13b

[Oracle 2012b2013b] " Reading ASCII Passwords from an InputStream Example, " Java Cryptography Architecture (JCA) Reference Guide. Oracle (2012), Oracle, 2013.

Anchor
Oracle 12c13c Oracle 12c13c

[Oracle 2012c2013c] Java Platform Standard Edition 7 Documentation, Oracle, 2013. Oracle (2012).

Anchor
Oracle 13d Oracle 13d

Anchor
Oracle 13 Oracle 13

[Oracle 20132013d]   Oracle Security Alert for CVE-2013-0422. , Oracle (, 2013).

Anchor
OWASP 05 OWASP 05

[OWASP 2005] OWASP (Open Web Application Security Project). A Guide to Building Secure Web Applications and Web Services (2005).

Anchor
OWASP 08 OWASP 08

[OWASP 2008] OWASP. Open Web Application Security Project homepage (2008).

Anchor
OWASP 09 OWASP 09

[OWASP 2009] OWASP. Session Fixation in Java (2009).

Anchor
OWASP 11 OWASP 11

[OWASP 2011] OWASP. Cross-site Scripting (XSS) (2011).

Anchor
OWASP 12 OWASP 12

[OWASP 2012] OWASP. Hashing Java, "Why Add Salt?" (2012" Hashing Java (2012).

Anchor
OWASP 13 OWASP 13

[OWASP 2013] OWASP. OWASP Guide Project (2011).

Anchor
Paar 09 Paar 09

Anchor
Paar 10 Paar 10

[Paar 20092010] Paar, Christof, and Jan Pelzl. Understanding Cryptography, : A Textbook for Students and Practitioners (companion . New York: Springer (2009). (Companion website contains online cryptography course that covers hash functions).Berlin: Springer (2009) .

Anchor
Pistoia 04 Pistoia 04

[Pistoia 2004] Pistoia, Marco, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin. Enterprise Java Security: Building Secure J2EE Applications. Boston: Addison-Wesley (2004).

Anchor
Policy 02 Policy 02

Anchor
Policy 02 Policy 02

[Policy 20022010] Default Policy Implementation and Policy File Syntax, Document revision 1.6, Sun Microsystems/ Oracle (2002/2010).

Anchor
Reddy 00 Reddy 00

[Reddy 2000] Reddy, Achut Reddy. Java Coding Style Guide. (2000).

Anchor
Rogue 00 Rogue 00

[Rogue 2000] Vermeulen, Allan, Scott W. Ambler, Greg Bumgardner, and Eldon Metz. The Elements of Java Style. New York: Cambridge University Press (2000).

Anchor
SCG 10 SCG 10

[SCG 2010] Secure Coding Guidelines for the Java Programming Language, version 4.0. Oracle (2010).

Anchor
Seacord 08 Seacord 0808

Anchor
Seacord 09 Seacord 09

[Seacord 20082009] Seacord, Robert C. The CERT C Secure Coding Standard. Boston: Addison-Wesley (20082009).

Anchor
Seacord 12 Seacord 12

[Seacord 2012] Seacord, Robert, Will Dormann, James McCurley, Philip Miller, Robert Stoddard, David Svoboda, and Jefferson Welch. Source Code Analysis Laboratory (SCALe) (CMU/SEI-2012-TN-013). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12tn013.cfm.

...

Anchor
SecuritySpec 08 SecuritySpec 08

Anchor
SecuritySpec 10 SecuritySpec 10

[SecuritySpec 20082010] Java Security Architecture. Oracle (2008/2010).

Anchor
Sen 07 Sen 07

[Sen 2007] Sen, Robi. Avoid the Dangers of XPath Injection. IBM developerWorks (2007).

...

Anchor
Steinberg 05 Steinberg 05

Anchor
Steinberg 08 Steinberg 08

[Steinberg 20052008] Steinberg, Daniel H. Java Developer Connection Tech Tips: Using the Varargs Language Feature. (2005, January 4 Java Developer Connection Tech Tips (2008).

Anchor
Sterbenz 06 Sterbenz 06

[Sterbenz 2006] Sterbenz, Andreas, and Charlie Lai. Secure Coding Antipatterns: Avoiding Vulnerabilities. JavaOne Conference (2006).

...

Anchor
Tutorials 08 Tutorials 08

Anchor
Tutorials 13 Tutorials 13

[Tutorials 20082013] The Java Tutorials. Oracle (20082013).

Anchor
Unicode 09 Unicode 09

[Unicode 2009] The Unicode Consortium. The Unicode Standard, Version 5.2.0, defined by The Unicode Standard, Version 5.2. Mountain View, CA: The Unicode Consortium (2009).

Anchor
Unicode 13 Unicode 13

[Unicode 2013] The Unicode Consortium. The Unicode Standard, Version 6.2.0, defined by Unicode 6.2.0. Mountain View, CA: The Unicode Consortium (2013).

Anchor
Viega 05 Viega 05

[Viega 2005] Viega, John. CLASP Reference Guide, Volume 1.1. Secure Software , (2005).

Anchor
W3C 03 W3C 03

[W3C 2003] The World Wide Web Security FAQ. World Wide Web Consortium (W3C) (2003).

...

Anchor
White 03 White 03

[White 2003] White, Tom. Memoization in Java Using Dynamic Proxy Classes. O'Reilly onJava.com (August 20, 2003).

Anchor
Zadegan 09 Zadegan 09

[Zadegan 2009] Zadegan, Bryant. A Lesson on Infinite Loops (2009).