SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 291

changes.mady.by.user Unknown User (lflynn)

Saved on

compared with

New Version Current

changes.mady.by.user Robert Schiela

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Removed unused ref.

Anchor
Abadi 96
Abadi 96

[Abadi 1996] Martin Abadi and Roger Needham, Prudent Engineering Practice for Cryptographic Protocols, IEEE Transactions on Software Engineering, Volume 22, Issue 1, 1996, 6 - 15., 6–15.

Anchor
Aho 1986
Aho 1986

[Aho 1986] Aho, Alfred V.; Sethi, Ravi; Ullman, Jeffrey D. "Compilers: Principles, Techniques, and Tools" (2nd ed.), 1986.

 

Anchor
AndroidAPI 13
AndroidAPI 13

[Android API 2013] Android API. developer.android.com/reference Package Index, Android, 2013.

Anchor
AndroidGuides 13
AndroidGuides 13

[Android Guide 2013] Android API Guides, developer.android.com/guide/ Introduction to Android, Android, 2013.

Anchor
API 06AndroidSecurityAPI 06
AndroidSecurity

[Android Security] Security Tips, Android Training.

Anchor
Apache 14
Apache 14

[Apache 2014] Apache Tika: A Content Analysis Toolkit, Apache Software Foundation, 2014.

Anchor
Apache 15
Apache 15

[Apache 2015] Apache Tomcat, Apache Software Foundation, 2015.

Anchor
API 06
API 06

[API 2006] Java Platform, Standard Edition 6 API 2006] Java Platform, Standard Edition 6 API Specification, Oracle, 2011.

Anchor
API 12
API 12

[API 2012] Java Platform, Standard Edition 7 API Specification, Oracle, 2012.

Anchor
API 13
API 13Austin 00Austin 00

[Austin 2000] Calvin Austin and Monica Pawlan, Advanced Programming for the Java 2 Platform , Addison-Wesley Longman, Boston, 2000API 2013] Java Platform, Standard Edition 7 API Specification, Oracle, 2013.

Anchor
Black 04Black 04
J2EE API 13
J2EE API 13

[J2EE API 2013] Java Platform, Extended Edition 7 API Specification, Oracle, 2013.

Anchor
API 14
API 14

[API 2014] Java Platform, Standard Edition 8 API Specification, Oracle, 2014.

Anchor
Arnold 06
Arnold 06

[Arnold 2006] Ken Arnold, James Gosling, and David Holmes. The Java Programming Language, 4th ed., Addison-Wesley, Boston, 2006.

Anchor
Austin 00
Austin 00

[Austin 2000] Calvin Austin and Monica Pawlan, Advanced Programming for the Java 2 Platform, Addison-Wesley Longman, Boston, 2000.

Anchor
Black 04
Black 04

[Black 2004 [Black 2004] Paul E. Black and Paul J. Tanenbaum, partial order, in Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology, December 17, 2004.
Available at http://xlinux.nist.gov/dads/HTML/partialorder.html. AnchorBlack 06Black 06 [Black 2006] Paul E. Black and Paul J. Tanenbaum, partial order, in Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology, December 17, 2004.

Anchor
Black 06
Black 06

[Black 2006] Paul E. Black and Paul J. Tanenbaum, total order, in Dictionary of Algorithms and Data Structures [online], Paul E. Black, ed., U.S. National Institute of Standards and Technology. March 30, 2006. Available at http://xlinux.nist.gov/dads/HTML/totalorder.html.

Anchor
Bloch 01
Bloch 01

[Bloch 2001] Joshua Bloch, Effective Java: Programming Language Guide, Addison-Wesley Professional, Boston, 2001.

...

Anchor
Bloch 08
Bloch 08

[Bloch 2008] Joshua Bloch, Effective JavaJava™: Programming Language Guide, 2nd ed., Addison-Wesley Professional, Boston, 2008.

...

Anchor
CCITT 88
CCITT 88

[CCITT 1988] International Telegraph and Telephone Consultative Committee (CCITT). CCITT Blue Book, Recommendation X.509 and IS0 9594-8: The Directory-Authentication Framework, International Telecommunication Union, Geneva, 1988.

Anchor
Chan 99
Chan 99

[Chan 1999] Patrick Chan, Rosanna Lee, and Douglas Kramer, The Java Class Libraries: Supplement for the Java 2 Platform, v1Volume 1.2, 2nd ed., Volume 1, Prentice Hall, Upper Saddle River, NJ, 1999.

Anchor
Chess 07
Chess 07

[Chess 2007] Brian Chess and Jacob West, Secure Programming with Static Analysis, Addison-Wesley Professional, Boston, MA, 2007, 2007.

Anchor
Chen 14
Chen 14

[Chen 14] Eric Chen, Yutong Pei, Shuo Chen, Yuan Tian, Robert Kotcher, and Patrick Tague. "OAuth Demystified for Mobile Application Developers.", 2014.

Anchor
Chin 11
Chin 11

[Chin 2011] Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner, Analyzing Inter-Application Communication in Android, Proc. MobiSys '11: Proceedings of the 9th international conference International Conference on Mobile systemsSystems, applicationsApplications, and servicesServices, pp. 239-252239–252, ACM, New York, NY, 2011.

Anchor
Christudas 05
Christudas 05

[Christudas 2005] Internals of Java Class Loading, ONJava, 2005.

...

Anchor
Conventions 09
Conventions 09

[Conventions 2009] Code Conventions for the Java Programming Language, Sun Microsystems, 2009.

Anchor
Coomes 07
Coomes 07CVE 11CVE 11

[CVE 2011] Common Vulnerabilities and Exposures, MITRE Corporation, 2011. Available at http://cve.mitre.org. AnchorCoomes 07Coomes 07 [Coomes 2007] John Coomes, Peter Kessler, and Tony Printezis, Coomes 2007] John Coomes, Peter Kessler, and Tony Printezis, Garbage Collection-Friendly Programming, Java SE Garbage Collection Group, Sun Microsystems, JavaOne Conference, 2007.

Anchor
Core Java 04
Core Java 04

[Core Java 2004] Cay S. Horstmann and Gary Cornell, Core Java™ 2, Volume I, Fundamentals, 7th ed., Prentice Hall PTR, Boston, 2004.

Anchor
Coverity 07
Coverity 07

[Coverity 2007] Coverity Prevent User's Manual (3.3.0). Coverity, 2007.

Anchor
Cunningham 95
Cunningham 95

[Cunningham 1995] Ward Cunningham, The CHECKS Pattern Language of Information Integrity, in Pattern Languages of Program Design, James O. Coplien and Douglas C. Schmidt (eds.), Addison-Wesley Professional, Reading, MA, 1995.

Anchor
CVE 11
CVE 11

[CVE 2011] Common Vulnerabilities and Exposures, MITRE Corporation, 2011.

Anchor
Daconta 00
Daconta 00

[Daconta 2000] Michael C. Daconta, When Runtime.exec() Won't, JavaWorld.com, 2000.

Anchor
Daconta 03
Daconta 03

[Daconta 2003] Michael C. Daconta, Kevin T. Smith, Donald Avondolio, and W. Clay Richardson, More Java Pitfalls, Wiley Publishing, New York, 2003.

Anchor
Darwin 04
Darwin 04

[Darwin 2004] Ian F. Darwin, Java Cookbook, O'Reilly, Sebastopol, CA, 2004.

...

Anchor
Dennis 1966
Dennis 1966

[Dennis 1966] Jack B. Dennis and Earl C. Van Horn, Programming Semantics for Multiprogrammed Computations, Communications of the ACM, Volume 9, Issue 3, March 1966, pp. 143-155143–155, DOI=10.1145/365230.365252.

...

Anchor
Eclipse 08
Eclipse 08

[Eclipse 2008] The Eclipse Platform, 2008. 

Anchor
Egele 2013
Egele 2013

[Egele 2013] Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. An Empirical Study of Cryptographic Misuse in Android Applications, Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp.73-8473–84, 2013.

Anchor
EMA 2011
EMA 2011
Anchor
EMA 14
EMA 14

[EMA 20112014] Java SE 6 Documentation, Extension Mechanism Architecture, Oracle, Sun Microsystems1993, 20112014. 

Anchor
Enck 09
Enck 09

[Enck 2009] William Enck, Machigar Ongtang, Patrick Drew McDaniel, and others. Understanding Android Security, IEEE Security & Privacy, vol. 7, 1, p. 50-5750–57, 2009.

Anchor
Encodings 062014
Encodings 062014

[Encodings 20062014] Supported Encodings, Sun MicrosystemsOracle, 20062014. 

Anchor
Enterprise 03
Enterprise 03

[Enterprise 2003] The O'Reilly Java Authors, Java Enterprise Best Practices, O'Reilly, Sebastopol, CA, 2003.

Anchor
ESA 05
ESA 05

[ESA 2005] Java Coding Standards, prepared by European Space Agency (ESA) Board for Software Standardisation and Control (BSSC), 2005. 

Anchor
Fahl 2012
Fahl 2012

[Fahl 2012]  Fahl, Sascha, et al. "Why Eve and Mallory love Android: An analysis of Android SSL (in) security." Proceedings of the 2012 ACM conference Conference on Computer and communications securityCommunications Security. ACM, 2012.

Anchor
Fairbanks 07
Fairbanks 07

[Fairbanks 2007] Design Fragments, Defense Technical Information Center, Ft. Belvoir, VA, 2007.

...

Anchor
Fisher 03
Fisher 03

[Fisher 2003] Maydene Fisher, Jon Ellis, and Jonathan Bruce, JDBC API Tutorial and Reference, 3rd ed., Addison-Wesley, Boston, MA, 2003.

Anchor
Flanagan 05
Flanagan 05

[Flanagan 2005] David Flanagan, Java in a Nutshell, 5th ed., O'Reilly, Sebastopol, CA, 2005.

...

Anchor
Fortify 08
Fortify 08
Anchor
Fortify 14
Fortify 14

[Fortify 20082014] A Taxonomy of Coding Errors that That Affect Security, Java/JSP, Fortify Software, 20082014.

Anchor
Fox 01
Fox 01

[Fox 2001] Joshua Fox, When Is a Singleton Not a Singleton?, Sun Developer Network, 2001.

...

Anchor
Gamma 95
Gamma 95

[Gamma 1995] Erich Gamma, Richard Helm, Ralph Johnson, and John M. Vlissides, Design Patterns: Elements of Reusable Object-Oriented Software, Addison-Wesley Professional, Boston, MA, 1995.

Anchor
Garfinkel 96
Garfinkel 96

[Garfinkel 1996] Simson Garfinkel and Gene Spafford, Practical UNIX & Internet Security, 2nd ed., O'Reilly, Sebastopol, CA, 1996.

Anchor
Garms 01
Garms 01

[Garms 2001] Jess Garms and Daniel Somerfield, Professional Java Security, Wrox Press, Chicago, 2001.

Anchor
GNU 13
GNU 13Goetz 02Goetz 02

[GNU 2013] GNU Coding Standards, Section 5.3, "Clean Use of C Constructs," Richard Stallman and other GNU Project volunteers, 2013

Anchor
Goetz 02
Goetz 02

[Goetz 2002] Brian Goetz, Java Theory and Goetz 2002] Brian Goetz, Java Theory and Practice: Don't Let the "this" Reference Escape during Construction, IBM developerWorks (Java technology), 2002.

...

Anchor
Goetz 05
Goetz 05

[Goetz 2005a] Brian Goetz, Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners, IBM developerWorks (Java technology), 2005.

Goetz 05b
Anchor
Goetz 05b
[Goetz 2005b] Brian
Goetz
, Java Theory and Practice: Plugging Memory Leaks with Weak References, IBM developerWorks (Java technology), 2005.
Anchor
Goetz 06
Goetz 06

[Goetz 2006a] Brian Goetz, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea, Java Concurrency in Practice, Addison-Wesley Professional, Boston, MA, 2006.

Anchor
Goetz 06b
Goetz 06b

[Goetz 2006b] Brian Goetz, Java Theory and Practice: Good Housekeeping Practices, IBM developerWorks (Java technology), 2006.

...

Anchor
Gong 03
Gong 03

[Gong 2003] Li Gong, Gary Ellison, and Mary Dageforde, Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd ed., Prentice Hall, Boston, MA, 2003.

Anchor
Goodliffe 07
Goodliffe 07Grand 02Grand 02

[Goodliffe 2014] Pete Goodliffe, Code Craft: The Practice of Writing Excellent Code, No Starch Press, San Francisco, 2007

Anchor
Grand 02
Grand 02

[Grand 2002] Mark Grand, Grand 2002] Mark Grand, Patterns in Java, Volume 1, 2nd ed., Wiley, New York, 2002.

Anchor
Gray 1985
Gray 1985

[Gray 1985] Jim Gray,  Tandem TR 85.7 WHY DO COMPUTERS STOP AND WHAT CAN BE DONE ABOUT IT?, 1985.

Anchor
Greanier 00
Greanier 00

[Greanier 2000] Todd Greanier, Discover the Secrets of the Java Serialization API, Sun Developer Network (SDN), 2000.

...

Anchor
Grosso 01
Grosso 01

[Grosso 2001] William Grosso, Java RMI, O'Reilly, Sebastopol, CA, 2001.

Anchor
Grubb 03
Grubb 03Gupta 05Gupta 05

[Grubb 2003] Penny Grubb and Armstrong A. Takang, Software Maintenance: Concepts and Practice, 2nd ed., World Scientific, River Edge, NJ, 2003.

Anchor
Guillardoy 12
Guillardoy 12

[Guillardoy 2012] Esteban Guillardoy, Java 0Day Analysis (CVE-2012-4681), 2012.

Anchor
Gupta 05
Gupta 05

[Gupta 2005] Satish Chandra Gupta and Rajeev Palanki, Java Gupta 2005] Satish Chandra Gupta and Rajeev Palanki, Java Memory Leaks - Catch Me If You Can, 2005.

...

Anchor
Haggar 00
Haggar 00

[Haggar 2000] Peter Haggar, Practical Java™ Programming Language Guide, Addison-Wesley Professional, Boston, MA, 2000.

Anchor
Halloway 00
Halloway 00

[Halloway 2000] Stuart Halloway, Java Developer Connection Tech Tips, March 28, 2000.

...

Anchor
Harold 06
Harold 06

[Harold 2006] Elliotte Rusty Harold, Java I/O, 2nd ed., O'Reilly, Sebastopol, CA, 2006.

Anchor
Hatton 1995
Hatton 1995Hawtin 08Hawtin 08

[Hatton 1995] Les Hatton, Safer C: Developing Software for High-Integrity and Safety-Critical Systems, McGraw-Hill, New York, 1995.

Anchor
Hawtin 08
Hawtin 08

[Hawtin 2008] Thomas Hawtin, Secure Coding Antipatterns: Preventing Hawtin 2008] Thomas Hawtin, Secure Coding Antipatterns: Preventing Attacks and Avoiding Vulnerabilities, Sun Microsystems, Make it Fly 2008, London. 2008, 2008.

Anchor
Havelund 09
Havelund 09

[Havelund 2009] Klaus Havelund and Al Niessner, JPL Coding Standard, version 1.1, California Institute of Technology, 2009.

Anchor
Heffley 2004
Heffley 2004

[Heffley 2004] J. Heffley and P. Meunier, Can Source Code Auditing Software Identify Common Vulnerabilities and Be Used to Evaluate Software Security? Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS–04), Track 9, Volume 9, IEEE Computer Society, January 2004.

Anchor
Henney 03
Henney 03

[Henney 2003] Kevlin Henney, Null Object, Something for Nothing, 2003.

Anchor
Hitchens 02Hitchens 02
[Hitchens 2002] Ron Hitchens, Java™ NIO, O'Reilly, Sebastopol, CA, 2002.
HP 15
HP 15

[Hewlett-Packard 2015] Hewlett-Packard Development Company, J2EE Bad Practices: Leftover Debug Code [generated from version 2015.1.0.0009 of the Fortify Secure Coding Rulepacks], 2015.

Anchor
Hirondelle 13
Hirondelle 13

[Hirondelle 2013] Passwords Never Clear in Text, Hirondelle Systems, 2013.

Anchor
Hitchens 02
Hitchens 02

[Hitchens 2002] Ron Hitchens, Java™ NIO, O'Reilly, Sebastopol, CA, 2002 AnchorHornig 07Hornig 07 [Hornig 2007] Charles Hornig, Advanced Java™ Globalization,JavaOne Conference, 2007.

Anchor
Hovemeyer 07
Hovemeyer 07

[Hovemeyer 2007] David Hovemeyer and William Pugh, Finding More Null Pointer Bugs, But Not Too Many, Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program Analysis for Software Tools and Engineering, 2007.

Anchor
Howard 02
Howard 02

[Howard 2002] Michael Howard and David C. LeBlanc, Writing Secure Code, 2nd ed., Microsoft Press, Redmond, WA, 2002.

Anchor
Hughes 11
Hughes 11

[Hughes 2011] Elliott Hughes, JNI Local Reference Changes in ICS, November 2011.

Anchor
Hunt 98
Hunt 98Hunt 98

[Hunt 1998] J. Hunt and F. Long, Java's Reliability: An Analysis of Software Defects in Java, Software IEEE Proceedings, 1998.

...

Anchor
IEEE 754 2006
IEEE 754 2006

[IEEE 754 2006] IEEE, Standard for Binary Floating-Point Arithmetic (IEEE 754-1985), 2006.

Anchor
ISO/IEC TR 24772-2010ISO/IEC TR 24772-2010
[ISO/IEC TR 24772:2010] ISO/IEC TR 24772. Information TechnologyProgramming LanguagesGuidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, October 2010. AnchorISO/IEC TR 24772-2013ISO/IEC TR 24772-2013[ISO/IEC TR 24772:2013] ISO/IEC TR 24772:2013. Information Technology—Programming Languages—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use.  Geneva, Switzerland: International Organization for Standardization, March 2013. Anchor
IETF OAuth1.0a
IETF OAuth1.0a

 [IETF OAuth1.0a] Internet Engineering Task Force (IETF). OAuth core 1.0 revision a. http://oauth.net/core/1.0a/.

Anchor
IETF OAuth2.0
IETF OAuth2.0

 [IETF OAuth2.0] Internet Engineering Task Force (IETF). The OAuth 2.0 authorization framework. http://tools.ietf.org/html/rfc6749.

Anchor
Intrepidus 2012
Intrepidus 2012

[Intrepidus 2012] Intrepidus Group (Mobile Security), NDK File Permissions Gotcha and Fix , 2012.

Anchor
ISO/IEC 11889-1-2009
ISO/IEC 11889-1-2009
Anchor
ISO-IEC 11889-1-2009
ISO-IEC 11889-1-2009

[ISO/IEC 11889-1:2009] ISO/IEC. Information Technology—Trusted Platform Module—Part 1: Overview (ISO/IEC 11889-1:2009). Geneva, Switzerland: ISO, 2009.

Anchor
ISO/IEC TR 24772-2010
ISO/IEC TR 24772-2010

[ISO/IEC TR 24772:2010] ISO/IEC TR 24772. Information TechnologyProgramming LanguagesGuidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, October 2010.

Anchor
ISO/IEC TR 24772-2013
ISO/IEC TR 24772-2013

[ISO/IEC TR 24772:2013] ISO/IEC TR 24772:2013. Information Technology—Programming Languages—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use. Geneva, Switzerland: International Organization for Standardization, March 2013.

Anchor
J2SE 00
J2SE 00

[J2SE 2000] Java™ 2 SDK, Standard Edition Documentation, Sun Microsystems, J2SE Documentation version 1.3, Sun Microsystems, 2000.

Anchor
J2SE 11
J2SE 11

[J2SE 2011] Java™ SE 7 Documentation, J2SE Documentation version 1.7, Oracle Corporation, 2011.

Anchor
JarSpec 08
JarSpec 08

[JarSpec 2008] J2SE Documentation version 1.5, Jar File Specification, Sun Microsystems, 2000.

Anchor
Java 06
Java 06

[Java 2006] Java - The Java Application Launcher, Sun Microsystems, 2006.

Anchor
Java2NS 99
Java2NS 99

[Java2NS 1999] Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani, Java 2 Network Security, Prentice Hall, Upper Saddle River, NJ, 1999.

Anchor
JavaGenerics 04
JavaGenerics 04

[JavaGenerics 2004] Oracle, Generics, Sun Microsystems, 2004.

Anchor
JavaThreads 99
JavaThreads 99

[JavaThreads 1999] Scott Oaks and Henry Wong, Java Threads, 2nd ed., O'Reilly, Sebastopol, CA, 1999.

Anchor
JavaThreads 04
JavaThreads 04

[JavaThreads 2004] Scott Oaks and Henry Wong, Java Threads, 3rd ed., O'Reilly, Sebastopol, CA, 2004.

Anchor
Tutorials 08
Tutorials 08
Anchor
Java Tutorials
Java Tutorials
Anchor
Tutorials 15
Tutorials 15

[Java Tutorials] The Java Tutorials, Sun Microsystems, 1995, 2015.

Anchor
JCF 14
JCF 14

[JCF 2014] The Java Collections Framework, Oracle, 2014.

Anchor
JDK Bug 15
JDK Bug 15

[JDK Bug 2015] JDK Bug System, Oracle, 2015.

Anchor
JDK7 08
JDK7 08

[JDK7 2008] Java™ Platform, Standard Edition 7 documentation, Sun Microsystems, December 2008.

Anchor
JLS 05
JLS 05

[JLS 2005] James Gosling, Bill Joy, Guy Steele, and Gilad Bracha, The Java Language Specification, 3rd ed., Prentice Hall, Upper Saddle River, NJ, 2005.

Anchor
JLS 14
JLS 14
Anchor
JLS 15
JLS 15
Anchor
JLS 2015
JLS 2015

[JLS 2015] James Gosling, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley, The Java® Language Specification, Java SE 8 Edition,   2015.

Anchor
JMX 06
JMX 06

[JMX 2006] Monitoring and Management for the Java Platform, Sun Microsystems, 2006.

Anchor
JMXG 06
JMXG 06

[JMXG 2006] Java SE Monitoring and Management Guide, Sun Microsystems, 2006.

Anchor
JNI 06
JNI 06

[JNI 2006] Java Native Interface, Sun Microsystems, 2006.

Anchor
JNISpec 14
JNISpec 14

[JNISpec 2014] Java Native Interface Specification, Oracle, 2014.

Anchor
JNItips
JNItips

[JNI Tips] Java Tips, Android Training.

Anchor
Jovanovic 06
Jovanovic 06

[Jovanovic 2006] Nenad Jovanovic, Christopher Kruegel, and Engin Kirda, Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper), Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pp. 258–263, May 21–24, 2006.

Anchor
JPDA 04
JPDA 04

[JPDA 2004] Java Platform Debugger Architecture (JPDA)J2SE 00J2SE 00 [J2SE 2000] Java™ 2 SDK, Standard Edition Documentation, Sun Microsystems, J2SE Documentation version 1.3, Sun Microsystems, 2000. AnchorJ2SE 11J2SE 11 [J2SE 2011] Java™ SE 7 Documentation, J2SE Documentation version 1.7, Oracle Corporation, 2011. AnchorJarSpec 08JarSpec 08 [JarSpec 2008] J2SE Documentation version 1.5, Jar File Specification, Sun Microsystems, 2000. AnchorJava 06Java 06 [Java 2006] Java - The Java Application Launcher, Sun Microsystems, 2006. AnchorJava2NS 99Java2NS 99 [Java2NS 1999] Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani, Java 2 Network Security, Prentice Hall, Upper Saddle River, NJ, 1999. AnchorJavaGenerics 04JavaGenerics 04 [JavaGenerics 2004] Oracle, Generics, Sun Microsystems, 2004.

Anchor
JPL 06
JPL 06JavaThreads 99JavaThreads 99

[JavaThreads 1999] Scott Oaks and Henry Wong, Java Threads, 2nd ed., O'Reilly, Sebastopol, CA, 1999JPL 2006] Ken Arnold, James Gosling, and David Holmes, The Java™ Programming Language, 4th ed., Addison-Wesley Professional, Boston, 2006.

Anchor
JavaThreads JSR-133 04JavaThreads
JSR-133 04

[JavaThreads JSR-133 2004] Scott Oaks and Henry Wong, Java Threads, 3rd ed., O'Reilly, Sebastopol, CA, JSR-133: Java™ Memory Model and Thread Specification, 2004.

Anchor
JSSEC 13
JSSEC 13JDK7 08JDK7 08

[JDK7 2008] Java™Platform, Standard Edition 7 documentation, Sun Microsystems, December 2008JSSEC 2013] Android Secure Design and Coding Guidebook, (in Japanese),Japan Smartphone Security Association, 2013.

Anchor
JSSEC 14
JSSEC 14JLS 05JLS 05

[JLS 2005] James Gosling, Bill Joy, Guy Steele, and Gilad Bracha, The Java Language Specification, 3rd ed., Prentice Hall, Upper Saddle River, NJ, 2005.JSSEC 2014] Android Application Secure Design / Secure Coding Guidebook, Japan Smartphone Security Association, 2014.

Anchor
JVMTI 06
JVMTI 06

[JVMTI 2006] Java Virtual Machine Tool Interface (JVM TI) AnchorJMX 06JMX 06 [JMX 2006] Monitoring and Management for the Java Platform, Sun Microsystems, 2006.

Anchor
JVMSpec 99
JVMSpec 99JMXG 06JMXG 06

[JMXG 2006JVMSpec 1999] Java SE Monitoring and Management Guide The Java Virtual Machine Specification, Sun Microsystems, 20061999.

Anchor
Kabanov 09
Kabanov 09JNI 06JNI 06

[JNI 2006] Java Native Interface, Sun Microsystems, 2006Kabanov 2009] Jevgeni Kabanov, The Ultimate Java Puzzler, February 16th, 2009.

Anchor
Kabutz 01
Kabutz 01 Jovanovic 06 Jovanovic 06

[Jovanovic 2006] Nenad Jovanovic, Christopher Kruegel, and Engin Kirda, Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper), Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pp.258–263, May 21–24, 2006Kabutz 2001] Heinz M. Kabutz, The Java Specialists' Newsletter, 2001.

Anchor
JPDA Kalinovsky 04JPDA
Kalinovsky 04

[JPDA Kalinovsky 2004] Java Platform Debugger Architecture (JPDA), Sun MicrosystemsAlex Kalinovsky, Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering, SAMS Publishing, Boston, 2004.

Anchor
JPL 06JPL 06
Klieber 2014
Klieber 2014

[Klieber 2014] William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer. Android Taint Flow Analysis for App Sets, ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis, 2014.

Anchor
Knoernschild 01
Knoernschild 01

[Knoernschild 2001] Kirk Knoernschild, Java™ Design: Objects, UML, and Process [JPL 2006] Ken Arnold, James Gosling, and David Holmes, The Java™ Programming Language, 4th ed., Addison-Wesley Professional, Boston, MA, 2006, 2001.

Anchor
Lai 08
Lai 08

[Lai 2008] Charlie Lai, Java Insecurity: Accounting for Subtleties That Can Compromise Code, 2008.

Anchor
JSR-133 04JSR-133 04
[JSR-133 2004] JSR-133: Java™ Memory Model and Thread Specification, 2004
Langer 08
Langer 08

[Langer 2008] Angelica Langer, Practicalities – Programming with Java Generics, 2008.

Anchor
Laplante 05
Laplante 05JSSEC 13JSSEC 13

[JSSEC 2013] Android Secure Design and Coding Guidebook, (in Japanese),Japan Smartphone Security Association, 2013Laplante 2005] Phillip A. Laplante, Colin J. Neill, Antipatterns: Identification, Refactoring, and Management, Auerbach Publications, Boca Raton, FL, 2005.

Anchor
Lea 00
Lea 00JSSEC 14JSSEC 14

[JSSEC 2014] Android Application Secure Design / Secure Coding Guidebook, Japan Smartphone Security Association, 2014Lea 2000a] Doug Lea, Concurrent Programming in Java, 2nd ed., Addison-Wesley Professional, Boston, 2000.

Anchor
Lea 00b
Lea 00bJVMTI 06JVMTI 06

[JVMTI 2006] Java Virtual Machine Tool Interface (JVM TI), Sun Microsystems, 2006Lea 2000b] Doug Lea and William Pugh, Correct and Efficient Synchronization of Java™ Technology based Threads, JavaOne Conference, 2000.

Anchor
Lea 08
Lea 08JVMSpec 99JVMSpec 99

[JVMSpec 1999] The Java Virtual Machine Specification, Sun Microsystems, 1999Lea 2008] Doug Lea, The JSR-133 Cookbook for Compiler Writers, 2008.

Anchor
Kabanov Lee 09Kabanov
Lee 09

[Kabanov 2009] Jevgeni Kabanov, The Ultimate Java Puzzler, February 16thLee 2009] Sangjin Lee, Mahesh Somani, and Debashis Saha, Robust and Scalable Concurrent Programming: Lessons from the Trenches, JavaOne Conference, 2009.

Anchor
Liang 97
Liang 97Kabutz 01Kabutz 01

[Kabutz 2001] Heinz M. Kabutz, The Java Specialists' Newsletter, 2001Liang 1997] Sheng Liang, The Java™ Native Interface, Programmer's Guide and Specification, Addison-Wesley Professional, Reading, MA, 1997.

Anchor
Liang 98
Liang 98Kalinovsky 04Kalinovsky 04

[Kalinovsky 2004] Alex Kalinovsky, Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering, SAMS Publishing, Boston, 2004. AnchorKlieber 2014Klieber 2014

[Klieber 2014] William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer. Android Taint Flow Analysis for App Sets, ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis, 2014.

...

[Lai 2008] Charlie Lai, Java Insecurity: Accounting for Subtleties That Can Compromise Code , 2008.

...

[Long 2013] Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, and David Svoboda, Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley Professional, Reading, MA, 2013.

...

[Masson 2011] Neil D. Masson, Tip: Secure Your Code against the Ffinalizer Vulnerability, IBM developerWorks, 2011.

...

Liang 1998] Sheng Liang and Gilad Bracha, Dynamic Class Loading in the Java™ Virtual Machine, Proceedings of the 13th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, 1998.

Anchor
Lieberman 86
Lieberman 86

[Lieberman 1986] Henry Lieberman, Using Prototypical Objects to Implement Shared Behavior in Object-Oriented Systems, Proceedings on Object-Oriented Programming, Systems, Languages, and Applications, pp. 214–223 (ISSN 0362-1340), Massachusetts Institute of Technology, 1986.

Anchor
Lo 05
Lo 05

[Lo 2005] Chia-Tien Dan Lo, Witawas Srisa-an, and J. Morris Chang, Security Issues in Garbage Collection, STSC Crosstalk, October 2005.

Anchor
Long 05
Long 05

[Long 2005] Fred Long, Software Vulnerabilities in Java, CMU/SEI-2005-TN-044, Software Engineering Institute, Carnegie Mellon University, 2005.

Anchor
Long 13
Long 13

[Long 2013] Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, and David Svoboda, Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley Professional, Reading, MA, 2013.

Anchor
LSOD 02
LSOD 02

[LSOD 02] Last Stage of Delirium Research Group, Java and Java Virtual Machine Security. Poland: Last Stage of Delirium Research Group, 2002.

Anchor
Low 97
Low 97

[Low 1997] Douglas Low, Protecting Java Code via Obfuscation, Crossroads Volume 4, Issue 3, 1997.

Anchor
MacGregor 98
MacGregor 98

[MacGregor 1998] Robert MacGregor, Dave Durbin, John Owlett, and Andrew Yeomans, Java Network Security, Prentice Hall PTR, Upper Saddle River, NJ, 1998.

Anchor
Mahmoud 02
Mahmoud 02

[Mahmoud 2002] Qusay H. Mahmoud, Compressing and Decompressing Data Using Java APIs, Oracle, 2002.

Anchor
Mak 02
Mak 02

[Mak 2002] Ronald Mak, Java Number Cruncher: The Java Programmer's Guide to Numerical Computing, Prentice Hall PTR, Upper Saddle River, NJ, 2002.

Anchor
Manson 08
Manson 08

[Manson 2008] Jeremy Manson, Data-Race-ful Lazy Initialization for Performance [blog], 2008.

Anchor
Manson 04
Manson 04

[Manson 2004] Jeremy Manson and Brian Goetz, JSR 133 (Java Memory Model) FAQ, 2004.

Anchor
Manson 06
Manson 06

[Manson 2006] Jeremy Manson and William Pugh, The Java™ Memory Model: The Building Block of Concurrency, JavaOne Conference, 2006.

Anchor
Martin 96
Martin 96

[Martin 1996] Robert C. Martin, Granularity, 1996.

Anchor
Masson 2011
Masson 2011

[Masson 2011] Neil D. Masson, Tip: Secure Your Code against the Finalizer Vulnerability, IBM developerWorks, 2011.

Anchor
McCluskey 01
McCluskey 01

[McCluskey 2001] Glen McCluskey, Java Developer Connection Tech Tips, April 10, 2001.

Anchor
McGraw 99
McGraw 99

[McGraw 1999] Gary McGraw and Edward W. Felten, Securing Java, Getting Down to Business with Mobile Code, Wiley, New York, 1999.

Anchor
Mcgraw 98
Mcgraw 98

[McGraw 1998] Gary McGraw and Edward W. Felten, Twelve Rules for Developing More Secure Java Code, JavaWorld.com, 1998.

Anchor
Mettler 2010A
Mettler 2010A

[Mettler 2010a] Adrian Mettler, David Wagner, and T. Close, Joe-E: A Security-Oriented Subset of Java, 17th Network & Distributed System Security Symposium, 2010.

Anchor
Mettler 2010B
Mettler 2010B

[Mettler 2010b] Adrian Mettler and David Wagner, Class Properties for Security Review in an Object-Capability Subset of Java, Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '10). ACM, Article 7, DOI=10.1145/1814217.1814224, 2010.

Anchor
Miller 09
Miller 09

[Miller 2009] Alex Miller, Java™ Platform Concurrency Gotchas, JavaOne Conference, 2009.

Anchor
MITRE 2011
MITRE 2011

[MITRE 2011] MITRE Corporation, Common Weakness Enumeration, 2011.

Anchor
Mocha 07
Mocha 07

[Mocha 2007] Mocha, the Java Decompiler, 2007.

Anchor
Monsch 06
Monsch 06

[Monsch 2006] Jan P. Monsch, Ruining Security with java.util.Random Version 1.0, 2006.

Anchor
MSDN 09
MSDN 09

[MSDN 2009] Microsoft Corporation, Using SQL Escape Sequences, 2009.

Anchor
Muchow 01
Muchow 01

[Muchow 2001] John W. Muchow, MIDlet Packaging with J2ME, ONJava.com, 2001.

Anchor
Müller 02
Müller 02

[Müller 2002] Dr. Andreas Müller and Geoffrey Simmons, Exception Handling: Common Problems and Best Practice with Java 1.4, Sun Microsystems GmbH, 2002.

Anchor
Naftalin 06
Naftalin 06

[Naftalin 2006a] Maurice Naftalin and Philip Wadler, Java Generics and Collections, O'Reilly, Sebastopol, CA, 2006.

Anchor
Naftalin 06b
Naftalin 06b

[Naftalin 2006b] Maurice Naftalin and Philip Wadler, Java™ Generics and Collections: Tools for Productivity, JavaOne Conference, 2007.

Anchor
Netzer 92
Netzer 92

[Netzer 1992] Robert H. B. Netzer and Barton P. Miller, What Are Race Conditions? Some Issues and Formalization, University of Wisconsin, Madison, 1992.

Anchor
Neward 04
Neward 04

[Neward 2004] Ted Neward, Effective Enterprise Java, Addison-Wesley Professional, Boston, 2004.

Anchor
Nisewanger 07
Nisewanger 07

[Nisewanger 2007] Jeff Nisewanger, Avoiding Antipatterns, JavaOne Conference, 2007.

Anchor
Nolan 04
Nolan 04

[Nolan 2004] Godfrey Nolan, Decompiling Java, Apress, Berkley, CA, 2004.

Anchor
Oaks 01
Oaks 01

[Oaks 2001] Scott Oaks, Java Security, O'Reilly, Sebastopol, CA, 2001.

Anchor
Octeau 2013
Octeau 2013

[Octeau 2013] D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. Le Traon. Effective Inter-component communication mapping in Android with Epicc: An essential step towards holistic security analysis. In Proc. USENIX Security, 2013.

Anchor
Open Group 04
Open Group 04

[Open Group 2004] The IEEE and The Open Group, The Open Group Base Specifications Issue 6, 2004.

Anchor
Oracle 10
Oracle 10
Anchor
Oracle 10b
Oracle 10b

[Oracle 2010a] Java SE 6 HotSpot™ Virtual Machine Garbage Collection Tuning, Oracle, 2010.

Anchor
Oracle 10b
Oracle 10b

[Oracle 2010b] New I/O APIs, Oracle, 2010.

Anchor
Oracle 11a
Oracle 11a

[Oracle 2011a] Java PKI Programmer's Guide, Oracle, 2011.

Anchor
Oracle 11b
Oracle 11b

[Oracle 2011b] Java Platform™, Standard Edition 6 Documentation, Oracle, 2011.

Anchor
Oracle 11c
Oracle 11c

[Oracle 2011c] Package javax.servelt.http, Oracle  2011.

Anchor
Oracle 11d
Oracle 11d

[Oracle 2011d] Permissions in the Java™ SE 6 Development Kit (JDK), Oracle, 2011.

Anchor
Oracle 13a
Oracle 13a

[Oracle 2013a] API for Privileged Blocks, Oracle, 1993/2013.

Anchor
Oracle 13b
Oracle 13b

[Oracle 2013b] Reading ASCII Passwords from an InputStream Example, Java Cryptography Architecture (JCA) Reference Guide, Oracle, 2013.

Anchor
Oracle 13c
Oracle 13c

[Oracle 2013c] Java Platform Standard Edition 7 Documentation, Oracle, 2013.

Anchor
Oracle 13d
Oracle 13d

[Oracle 2013d] Oracle Security Alert for CVE-2013-0422, Oracle, 2013.

Anchor
Oracle 14
Oracle 14

[Oracle 2014] Secure Coding Guidelines for Java SE, Version 5.0, Oracle, 2014.

Anchor
Oracle 15
Oracle 15

[Oracle 2015] Oracle GlassFish Server Performance Tuning Guide, Tuning the Java Runtime System, Oracle, 2015

...

[Octeau 2013] D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. Le Traon. Effective inter-component communication mapping in Android with Epicc: An essential step towards holistic security analysis. In Proc. USENIX Security, 2013.

AnchorOpen Group 04Open Group 04 [Open Group 2004] The IEEE and The Open Group, The Open Group Base Specifications Issue 6, 2004. AnchorOracle 10Oracle 10 [Oracle 2010a] Oracle Corporation, Java SE 6 HotSpot™ Virtual Machine Garbage Collection Tuning, 2010.

Anchor
OWASP 05
OWASP 05

[OWASP 2005] The Open Web Application Security Project, A Guide to Building Secure Web Applications and Web Services, Open Web Application Security Project (OWASP), 2005.

Anchor
OWASP 07
OWASP 07

[OWASP 2007] OWASP Top 10 for Java EE, OWASP, 2007] The .

Anchor
OWASP 09
OWASP 09

[OWASP 2009] Double Encoding, OWASP, 2009.

Anchor
OWASP 11
OWASP 11

[OWASP 2011] Open Web Application Security Project , OWASP Top 10 for Java EE, 2007(OWASP), 2011.

Anchor
OWASP 0914a
OWASP 0914a

[OWASP 2009] Double Encoding, 2009.2014a] Preventing LDAP Injection in Java, OWASP, 2014.

Anchor
OWASP 14
OWASP 14
Anchor
OWASP 1114b
OWASP 1114b

[OWASP 2011] Open Web Application Security Project (OWASP), 20112014b]  XSS (Cross Site Scripting) Prevention Cheat Sheet, OWASP, 2014.

Anchor
PCI 10
PCI 10

[PCI 2010] PCI Security Standards Council, Payment Card Industry (PCI) Data Security Standard, Version 2.0, October, 2010.

...

Anchor
Philion 03
Philion 03

[Philion 2003] Paul Philion, Beware the dangers Dangers of generic Generic Exceptions, JavaWorld.com, 2003.

...

Anchor
Pistoia 04
Pistoia 04

[Pistoia 2004] Marco Pistoia, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin, Enterprise Java Security: Building Secure J2EE Applications, Addison-Wesley Professional, Boston, MA, 2004.

Anchor
Policy 02
Policy 02

[Policy 2002] Sun Microsystems, Default Policy Implementation and Policy File Syntax, Document revision 1.6, 2002.

...

Anchor
Pugh 09
Pugh 09

[Pugh 2009] William Pugh, Defective Java Code: Mistakes That Matter, JavaOne Conference, 2009Conference, 2009.

Anchor
Rapid7 14
Rapid7 14

[Rapid7 2014] Jeroen Frijters and Juan Vazquez, Java AtomicReferenceArray Type Violation Vulnerability, 2014.

Anchor
Reasoning 03
Reasoning 03

[Reasoning 2003] Reasoning Inspection Service Defect Data Tomcat v 1.4.24, November 14, 2003.

...

Anchor
Saltzer 74
Saltzer 74

[Saltzer 1974] J. H. Saltzer, Protection and the Control of Information Sharing in Multics. Communications of the ACM 17, 7 (July 1974): 388---402388–402.

Anchor
Saltzer 75
Saltzer 75

[Saltzer 1975] J. H. Saltzer and M. D. Schroeder, The Protection of Information in Computer Systems, Proceedings of the IEEE, Volume 63, Issue 9, 1975, 1278-13081278–1308.
Available at http://web.mit.edu/Saltzer/www/publications/protection/.

...

Anchor
Schildt 07
Schildt 07

[Schildt 2007] Herb Schildt, Herb Schildt's Java Programming Cookbook, McGraw-Hill, New York, 2007.

Anchor
Schindler 12
Schindler 12

Schindler, Uwe. The Policeman’s Horror: Default Locales, Default Charsets, and Default Timezones, The Generics Policeman Blog, November 2012.

Anchor
Schneier 00
Schneier 00

[Schneier 2000] Bruce Schneier, Secrets and Lies—Digital Security in a Networked World, Wiley, New York, 2000.

Anchor
Schönefeld Schönefeld 02Schönefeld
Schönefeld 02

[Schönefeld 2002] Marc Schönefeld, Security Aspects in Java Bytecode Engineering, Blackhat Briefings 2002, Las Vegas, August 2002.

Anchor
Schönefeld Schönefeld 04Schönefeld
Schönefeld 04

[Schönefeld 2004] Marc Schönefeld, Java Vulnerabilities in Opera 7.54, BUGTRAQ Mailing List (bugtraq@securityfocus.com), November 2004.

...

Anchor
SDN 08
SDN 08

[SDN 2008] Sun Microsystems, SUN Developer Network, 1994-20081994–2008.

Anchor
Seacord 05
Seacord 05

[Seacord 2005] Robert C. Seacord, Secure Coding in C and C++, Addison-Wesley Professional, Boston, MA, 2005.

Anchor
Seacord 08
Seacord 08

[Seacord 2008] Robert C. Seacord,The CERT C Secure Coding Standard, Addison-Wesley Professional, Boston, MA, 2008.

Anchor
Seacord 10
Seacord 10

[Seacord 2010] Robert C. Seacord, William Dormann, James McCurley, Philip Miller, Robert Stoddard, David Svoboda, and Jefferson Welch, Source Code Analysis Laboratory (SCALe) for energy delivery systems, CMU/SEI-2010-TR-021, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, December 2010.

Anchor
Seacord 13
Seacord 13

[Seacord 2013] Seacord, Robert C. Secure Coding in C and C++, 2nd ed. Boston: Addison-Wesley, 2nd ed. Addison-Wesley, Boston, 2013.

Anchor
Seacord2015
Seacord2015

[Seacord 2015] Seacord, Robert C. Secure Coding Rules for Java. Addison-Wesley Professional, Boston, 2013.

Anchor
SecArch 06
SecArch 06

[SecArch 2006] Sun Microsystems, Java 2 Platform Security Architecture, 2006.

...

Anchor
Security 06
Security 06

[Security 2006] Java Security Guides, Sun Microsystems, Inc2006. (2006)

Anchor
SecuritySpec 08
SecuritySpec 08

[SecuritySpec 2008] Sun Microsystems, Java Security Architecture, 2008.

Anchor
Sen 07
Sen 07

 [Sen 2007] Robi Sen, Avoid the Dangers of XPath Injection, IBM developerWorks, 2007.

Anchor
Shipilёv 2014
Shipilёv 2014

[Shipilёv 2014] Shipilёv, Aleksey, Safe Publication and Safe Initialization in Java, December 2014.

Anchor
Steel 05
Steel 05

[Steel 2005] Christopher Steel, Ramesh Nagappan, and Ray Lai, Core Security Patterns: Best Practices and Strategies for J2EE™, Web Services, and Identity Management, Prentice Hall PTR, Upper Saddle River, NJ, 2005.

Anchor
Steele 1977
Steele 1977

[Steele 1977] G.L. Steele, Arithmetic Shifting Considered Harmful, ACM SIGPLAN Notices, Volume 12, Issue 11 (1977), 61-6961–69.

Anchor
Steinberg 05
Steinberg 05

[Steinberg 2005] Daniel H. Steinberg, Java Developer Connection Tech Tips Using the Varargs Language Feature, January 4, 2005.

...

Anchor
Sun 02
Sun 02

[Sun 2002] Reflection, Sun Microsystems, 2002).

Anchor
Sun 03
Sun 03

[Sun 2003] Sun Microsystems, Sun ONE Application Server 7 Performance Tuning Guide, 2003.

...

Anchor
Techtalk 07
Techtalk 07

[Techtalk 2007] Josh Bloch and William Pugh, The PhantomReference Menace. Attack of the Clone. Revenge of the Shift., JavaOne Conference, 2007.

Anchor
Tomcat 09
Tomcat 09

[Tomcat 2009] Apache Software Foundation, Changelog and Security fixes, Tomcat documentation, 2009.fixes, Tomcat documentation, 2009.

Anchor
Unicode 2003
Unicode 2003

[Unicode 2003] The Unicode Consortium, The Unicode Standard, Version 4.0.0, defined by The Unicode Standard, Version 4.0, Addison-Wesley, Reading, MA, 2003 AnchorTutorials 08Tutorials 08 [Tutorials 2008] The Java Tutorials, Sun Microsystems, 2008.

Anchor
Unicode 20032007
Unicode 20032007

[Unicode 20032007] The Unicode Consortium, The Unicode Standard, Version 45.01.0, defined by The Unicode Standard, Version 45.0, Addison-Wesley, Reading, MA, 2003, 2007, as amended by Unicode 5.1.0.

Anchor
Unicode 2011
Unicode 2011

[Unicode 2011] The Unicode Consortium, The Unicode Standard, Version 6.0.0, The Unicode Consortium, Mountain View, CA, 2011.

Anchor
Unicode 20072012
Unicode 20072012

[Unicode 20072012] The Unicode Consortium, . The Unicode Standard, Version 5Unicode 6.12.0, defined by , (Mountain View, CA: The Unicode StandardConsortium, Version 5.0, Addison-Wesley, Reading, MA, 2007, as amended by Unicode 5.1.0. AnchorUnicode 2011Unicode 2011 [Unicode 2011] The Unicode Consortium, The Unicode Standard, Version 6.0.0, The Unicode Consortium, Mountain View, CA, 2011.2012. ISBN 978-1-936213-07-8)

Anchor
Urma 14
Urma 14

[Urma 2014] Raoul-Gabriel Urma, Tired of Null Pointer Exceptions? Consider Using Java SE 8's Optional!, Oracle, March 2014.

Anchor
Venners 97
Venners 97

[Venners 1997] Bill Venners, Security and the Class Loader Architecture, Java World.com, 1997.

Anchor
Venners 03
Venners 03

[Venners 2003] Bill Venners, Failure and Exceptions, A Conversation with James Gosling, Part II, Artima.com, 2003.

Anchor
Verify
Verify

[Verify] Verifying App Behavior on the Android Runtime (ART), Android.

Anchor
Vermeulen 00
Vermeulen 00

[Vermeulen 2000] Allan Vermeulen, Scott W. Ambler, Greg Bumgardner, Eldon Metz, Trevor Misfeldt, Jim Shur, and Patrick Thompson. The Elements of Java Style. Cambridge University Press, New York, 2000.

Anchor
viaForensics 14
viaForensics 14

[viaForensics 2014] Secure mobile development best practices, viaForensics LLC., 2014 AnchorVenners 97Venners 97 [Venners 1997] Bill Venners, Security and the Class Loader Architecture, Java World.com, 1997. AnchorVenners 03Venners 03 [Venners 2003] Bill Venners, Failure and Exceptions, A Conversation with James Gosling, Part II, Artima.com, 2003.

Anchor
W3C 08
W3C 08

[W3C 2008] Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Eve Maler, and François François Yergeau, Extensible Markup Language (XML) 1.0, 5th ed., W3C Recommendation, 2008.

...

Anchor
Zukowski 04
Zukowski 04

[Zukowski 2004] John Zukowski, Creating Custom Security Permissions, Java Developer Connection Tech Tips, May 18, 2004.