Issue No.05 - September/October (2000 vol.17)
pp: 68-74
ABSTRACT
Developers and users require some degree of assurance in their applications' security vulnerabilities. The authors have designed a prototype tool, Jslint, to help programmers automatically use existing security knowledge.
CITATION
Gary McGraw, Tom Mutdosch, Edward W. Felten, "Statically Scanning Java Code: Finding Security Vulnerabilities", IEEE Software, vol.17, no. 5, pp. 68-74, September/October 2000, doi:10.1109/52.877869