[Abadi 1996] Martin Abadi and Roger Needham, Prudent Engineering Practice for Cryptographic Protocols,
IEEE Transactions on Software Engineering, Volume 22, Issue 1, 1996, 6–15.
[Aho 1986] Aho, Alfred V.; Sethi, Ravi; Ullman, Jeffrey D. "Compilers: Principles, Techniques, and Tools" (2nd ed.), 1986.
| Anchor |
|---|
| AndroidAPI 13 |
|---|
| AndroidAPI 13 |
|---|
|
[Android API 2013]
Android API.
Package Index, Android, 2013.
...
[Apache 2014]
Apache Tika: A Content Analysis Toolkit, Apache Software Foundation, 2014
.[Apache 2015] Apache Tomcat, Apache Software Foundation, 2015.
[API 2006]
Java Platform, Standard Edition 6 API Specification, Oracle, 2011.
...
[Chin 2011] Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner,
Analyzing Inter-Application Communication in Android,
Proc. MobiSys '11: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252, ACM, New York, 2011.
...
[Egele 2013] Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. An Empirical Study of Cryptographic Misuse in Android Applications, Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp.73–84, 2013.
[EMA
20112014]
Java SE 6 Documentation, Extension Mechanism Architecture, Oracle,
Sun Microsystems1993,
20112014.
[Enck 2009] William Enck, Machigar Ongtang, Patrick Drew McDaniel, and others. Understanding Android Security,
IEEE Security & Privacy, vol. 7, 1, p. 50–57, 2009.
...
[Goetz 2005a] Brian Goetz,
Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners, IBM developerWorks (Java technology), 2005.| Anchor |
|---|
Goetz 05b | Goetz 05b | [Goetz 2005b] Brian Goetz,
Java Theory and Practice: Plugging Memory Leaks with Weak References, IBM developerWorks (Java technology), 2005.
...
[
Henney 2003] Kevlin Henney, Null Object, Something for Nothing, 2003Henney 2003] Kevlin Henney, Null Object, Something for Nothing, 2003.[Hewlett-Packard 2015] Hewlett-Packard Development Company, J2EE Bad Practices: Leftover Debug Code [generated from version 2015.1.0.0009 of the Fortify Secure Coding Rulepacks], 2015.
| Anchor |
|---|
| Hirondelle 13 |
|---|
| Hirondelle 13 |
|---|
|
[Hirondelle 2013]
Passwords Never Clear in Text, Hirondelle Systems, 2013.
[Hitchens 2002] Ron Hitchens, Java™ NIO, O'Reilly, Sebastopol, CA, 2002.
[Hovemeyer 2007] David Hovemeyer and William Pugh, Finding More Null Pointer Bugs, But Not Too Many,
Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program Analysis for Software Tools and Engineering, 2007.
...
[JCF 2014]
The Java Collections Framework, Oracle, 2014
.[JDK Bug 2015] JDK Bug System, Oracle, 2015.
[JDK7 2008]
Java™ Platform, Standard Edition 7 documentation, Sun Microsystems, December 2008.
...
[Oracle 2014] Secure Coding Guidelines for Java SE, Version 5.0, Oracle, 2014.
[Oracle 2015] Oracle GlassFish Server Performance Tuning Guide, Tuning the Java Runtime System, Oracle, 2015.
[OWASP 2005]
A Guide to Building Secure Web Applications and Web Services, Open Web Application Security Project (OWASP), 2005.
...
[Pugh 2009] William Pugh,
Defective Java Code: Mistakes That Matter, JavaOne Conference, 2009.
[Rapid7 2014] Jeroen Frijters and Juan Vazquez, Java AtomicReferenceArray Type Violation Vulnerability, 2014.[Reasoning 2003]
Reasoning Inspection Service Defect Data Tomcat v 1.4.24, November 14, 2003.
...
[Zukowski 2004] John Zukowski,
Creating Custom Security Permissions, Java Developer Connection Tech Tips, May 18, 2004.
