[Abadi 1996] Martin Abadi and Roger Needham, Prudent Engineering Practice for Cryptographic Protocols,
IEEE Transactions on Software Engineering, Volume 22, Issue 1, 1996, 6–15.
[Aho 1986] Aho, Alfred V.; Sethi, Ravi; Ullman, Jeffrey D. "Compilers: Principles, Techniques, and Tools" (2nd ed.), 1986.
| Anchor |
|---|
| AndroidAPI 13 |
|---|
| AndroidAPI 13 |
|---|
|
[Android API 2013]
Android API.
Package Index, Android, 2013.
...
[Apache 2014]
Apache Tika: A Content Analysis Toolkit, Apache Software Foundation, 2014.
[Apache 2015] Apache Tomcat, Apache Software Foundation, 2015.[API 2006]
Java Platform, Standard Edition 6 API Specification, Oracle, 2011.
...
[Chin 2011] Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner,
Analyzing Inter-Application Communication in Android,
Proc. MobiSys '11: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252, ACM, New York, 2011.
...
[Egele 2013] Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. An Empirical Study of Cryptographic Misuse in Android Applications, Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp.73–84, 2013.
[EMA
20112014]
Java SE 6 Documentation, Extension Mechanism Architecture,
Sun Microsystems, 2011Oracle, 1993, 2014.
[Enck 2009] William Enck, Machigar Ongtang, Patrick Drew McDaniel, and others. Understanding Android Security,
IEEE Security & Privacy, vol. 7, 1, p. 50–57, 2009.
...
[Goetz 2005a] Brian Goetz,
Java Theory and Practice: Be a Good (Event) Listener, Guidelines for Writing and Supporting Event Listeners, IBM developerWorks (Java technology), 2005.
[Goetz 2005b] Brian , Java Theory and Practice: Plugging Memory Leaks with Weak References, IBM developerWorks (Java technology), 2005.[Goetz 2006a] Brian Goetz, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea,
Java Concurrency in Practice, Addison-Wesley Professional, Boston, 2006.
...
[Heffley 2004] J. Heffley and P. Meunier, Can Source Code Auditing Software Identify Common Vulnerabilities and Be Used to Evaluate Software Security?
Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS–04), Track 9, Volume 9, IEEE Computer Society, January 2004
..[Henney 2003] Kevlin Henney, Null Object, Something for Nothing, 2003.[Hewlett-Packard 2015] Hewlett-Packard Development Company, J2EE Bad Practices: Leftover Debug Code [generated from version 2015.1.0.0009 of the Fortify Secure Coding Rulepacks], 2015| Anchor |
|---|
Henney 03 | Henney 03 | [Henney 2003] Kevlin Henney, Null Object, Something for Nothing, 2003.
| Anchor |
|---|
| Hirondelle 13 |
|---|
| Hirondelle 13 |
|---|
|
[Hirondelle 2013]
Passwords Never Clear in Text, Hirondelle Systems, 2013.
...
[Oracle 2014] Secure Coding Guidelines for Java SE, Version 5.0, Oracle, 2014.
[Oracle 2015] Oracle GlassFish Server Performance Tuning Guide, Tuning the Java Runtime System, Oracle, 2015.
[OWASP 2005]
A Guide to Building Secure Web Applications and Web Services, Open Web Application Security Project (OWASP), 2005.
...
[Pugh 2009] William Pugh,
Defective Java Code: Mistakes That Matter, JavaOne Conference, 2009.
[Rapid7 2014] Jeroen Frijters and Juan Vazquez, Java AtomicReferenceArray Type Violation Vulnerability, 2014.[Reasoning 2003]
Reasoning Inspection Service Defect Data Tomcat v 1.4.24, November 14, 2003.
...
[Zukowski 2004] John Zukowski,
Creating Custom Security Permissions, Java Developer Connection Tech Tips, May 18, 2004.
