[Abadi 1996] Martin Abadi and Roger Needham, Prudent Engineering Practice for Cryptographic Protocols,
IEEE Transactions on Software Engineering, Volume 22, Issue 1, 1996, 6–15.
[Aho 1986] Aho, Alfred V.; Sethi, Ravi; Ullman, Jeffrey D. "Compilers: Principles, Techniques, and Tools" (2nd ed.), 1986.
Anchor |
---|
| AndroidAPI 13 |
---|
| AndroidAPI 13 |
---|
|
[Android API 2013]
Android API.
Package Index, Android, 2013.
...
[Apache 2014]
Apache Tika: A Content Analysis Toolkit, Apache Software Foundation, 2014
.[Apache 2015] Apache Tomcat, Apache Software Foundation, 2015.
[API 2006]
Java Platform, Standard Edition 6 API Specification, Oracle, 2011.
...
[API 2013]
Java Platform, Standard Edition 7 API Specification, Oracle, 2013.[J2EE API 2013] Java Platform, Extended Edition 7 API Specification, Oracle, 2013.
[API 2014]
Java Platform, Standard Edition 8 API Specification, Oracle, 2014.
...
[Chin 2011] Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner,
Analyzing Inter-Application Communication in Android,
Proc. MobiSys '11: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252, ACM, New York, 2011.
...
[Egele 2013] Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. An Empirical Study of Cryptographic Misuse in Android Applications, Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp.73–84, 2013.
[EMA
20112014]
Java SE 6 Documentation, Extension Mechanism Architecture,
Sun Microsystems, 2011Oracle, 1993, 2014.
[Enck 2009] William Enck, Machigar Ongtang, Patrick Drew McDaniel, and others. Understanding Android Security,
IEEE Security & Privacy, vol. 7, 1, p. 50–57, 2009.
Anchor |
---|
| Encodings 062014 |
---|
| Encodings 062014 |
---|
|
[Encodings
20062014]
Supported Encodings,
Sun MicrosystemsOracle,
20062014.
Anchor |
---|
| Enterprise 03 |
---|
| Enterprise 03 |
---|
|
[Enterprise 2003] The O'Reilly Java Authors,
Java Enterprise Best Practices, O'Reilly, Sebastopol, CA, 2003.
...
[Goetz 2005a] Brian Goetz,
Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners, IBM developerWorks (Java technology), 2005. Anchor |
---|
Goetz 05b | Goetz 05b | [Goetz 2005b] Brian Goetz, Java Theory and Practice: Plugging Memory Leaks with Weak Referencesand Supporting Event Listeners, IBM developerWorks (Java technology), 2005.
...
[Henney 2003] Kevlin Henney,
Null Object, Something for Nothing, 2003
.[Hewlett-Packard 2015] Hewlett-Packard Development Company, J2EE Bad Practices: Leftover Debug Code [generated from version 2015.1.0.0009 of the Fortify Secure Coding Rulepacks], 2015.
Anchor |
---|
| Hirondelle 13 |
---|
| Hirondelle 13 |
---|
|
[Hirondelle 2013]
Passwords Never Clear in Text, Hirondelle Systems, 2013.
[Hitchens 2002] Ron Hitchens, Java™ NIO, O'Reilly, Sebastopol, CA, 2002.
[Hovemeyer 2007] David Hovemeyer and William Pugh, Finding More Null Pointer Bugs, But Not Too Many,
Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program Analysis for Software Tools and Engineering, 2007.
...
Anchor |
---|
| JavaThreads 04 |
---|
| JavaThreads 04 |
---|
|
[JavaThreads 2004] Scott Oaks and Henry Wong,
Java Threads, 3rd ed.,
O'Reilly, Sebastopol, CA, 2004O'Reilly, Sebastopol, CA, 2004. Anchor |
---|
| Java Tutorials |
---|
| Java Tutorials |
---|
|
[Java Tutorials] The Java Tutorials, Sun Microsystems, 1995, 2015.
[JCF 2014]
The Java Collections Framework, Oracle, 2014.
[JDK Bug 2015] JDK Bug System, Oracle, 2015.[JDK7 2008]
Java™PlatformJava™ Platform, Standard Edition 7 documentation, Sun Microsystems, December 2008.
[JLS 2005] James Gosling, Bill Joy, Guy Steele, and Gilad Bracha,
The Java Language Specification, 3rd ed., Prentice Hall, Upper Saddle River, NJ, 2005.
[JLS ...
2015] James Gosling, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley, The
...
Java® Language Specification, Java SE 8 Edition,
...
2015.
[JMX 2006]
Monitoring and Management for the Java Platform, Sun Microsystems, 2006.
...
[Mak 2002] Ronald Mak,
Java Number Cruncher: The Java Programmer's Guide to Numerical Computing, Prentice Hall PTR, Upper Saddle River
, NJ, 2002, NJ, 2002.[Manson 2008] Jeremy Manson, Data-Race-ful Lazy Initialization for Performance [blog], 2008.
[Manson 2004] Jeremy Manson and Brian Goetz,
JSR 133 (Java Memory Model) FAQ, 2004.
...
[McGraw 1998] Gary McGraw and Edward W. Felten,
Twelve Rles Rules for Developing More Secure Java Code, JavaWorld.com, 1998.
...
[Oracle 2014] Secure Coding Guidelines for Java SE, Version 5.0, Oracle, 2014.
[Oracle 2015] Oracle GlassFish Server Performance Tuning Guide, Tuning the Java Runtime System, Oracle, 2015.
[OWASP 2005]
A Guide to Building Secure Web Applications and Web Services, Open Web Application Security Project (OWASP), 2005.
...
[Pugh 2009] William Pugh,
Defective Java Code: Mistakes That Matter, JavaOne Conference, 2009
.[Rapid7 2014] Jeroen Frijters and Juan Vazquez, Java AtomicReferenceArray Type Violation Vulnerability, 2014.
[Reasoning 2003]
Reasoning Inspection Service Defect Data Tomcat v 1.4.24, November 14, 2003.
...
[Schildt 2007] Herb Schildt,
Herb Schildt's Java Programming Cookbook, McGraw-Hill
, New York, 2007, New York, 2007.Schindler, Uwe. The Policeman’s Horror: Default Locales, Default Charsets, and Default Timezones, The Generics Policeman Blog, November 2012.
[Schneier 2000] Bruce Schneier,
Secrets and Lies—Digital Security in a Networked World, Wiley, New York, 2000.
Anchor |
---|
| Schönefeld Schönefeld 02Schönefeld |
---|
| Schönefeld 02 |
---|
|
[Sch
önefeld 2002] Marc Sch
önefeld,
Security Aspects in Java Bytecode Engineering, Blackhat Briefings 2002, Las Vegas, August 2002.
Anchor |
---|
| Schönefeld Schönefeld 04Schönefeld |
---|
| Schönefeld 04 |
---|
|
[Sch
önefeld 2004] Marc Sch
önefeld, Java Vulnerabilities in Opera 7.54, BUGTRAQ Mailing List (bugtraq@securityfocus.com), November 2004.
...
[Seacord 2013] Seacord, Robert C.
Secure Coding in C and C++, 2nd ed. Addison-Wesley, Boston, 2013.
[Seacord 2015] Seacord, Robert C. Secure Coding Rules for Java. Addison-Wesley Professional, Boston, 2013.[SecArch 2006] Sun Microsystems,
Java 2 Platform Security Architecture, 2006.
...
Anchor |
---|
| SecuritySpec 08 |
---|
| SecuritySpec 08 |
---|
|
[SecuritySpec 2008] Sun Microsystems,
Java Security Architecture, 2008.
[Sen 2007] Robi Sen,
Avoid the Dangers of XPath Injection, IBM developerWorks, 2007
. Anchor |
---|
| Shipilёv 2014 |
---|
| Shipilёv 2014 |
---|
|
[Shipilёv 2014] Shipilёv, Aleksey, Safe Publication and Safe Initialization in Java, December 2014.
[Steel 2005] Christopher Steel, Ramesh Nagappan, and Ray Lai,
Core Security Patterns: Best Practices and Strategies for J2EEâ¢, Web Services, and Identity Management, Prentice Hall PTR, Upper Saddle River, NJ, 2005.
...
[Tomcat 2009] Apache Software Foundation,
Changelog and
Security fixes, Tomcat documentation, 2009.
Anchor |
---|
Tutorials 08 | Tutorials 08 |
[Tutorials 2008] The Java Tutorials, Sun Microsystems, 2008.[Unicode 2003] The Unicode Consortium,
The Unicode Standard, Version 4.0.0, defined by The Unicode Standard, Version 4.0, Addison-Wesley, Reading, MA, 2003.
...
[Zukowski 2004] John Zukowski,
Creating Custom Security Permissions, Java Developer Connection Tech Tips, May 18, 2004.