This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Java Insecurity: Accounting for Subtleties That Can Compromise Code
January/February 2008 (vol. 25 no. 1)
pp. 13-19
Charlie Lai, Sun Microsystems
Java developers commonly follow numerous coding guidelines—such as minimizing accessibility, creating copies of mutable inputs, and preventing the unauthorized construction of sensitive classes—to ensure that their programs are safe. Various subtleties related to each guideline could lead to unexpected behavior, and ultimately to security vulnerabilities. Java developers can safely account for these subtleties to prevent attacks. This article is part of a special issue on Security for the Rest of Us.

1. J. Bloch, Effective Java Programming Language Guide, 1st ed., Addison-Wesley, 2001.
2. G. McGraw, Software Security: Building Security In, Addison-Wesley, 2006.
3. L. Gong, G. Ellison, and M. Dageforde, Inside Java 2 Platform Security, 2nd ed., Addison-Wesley, 2003.
4. J. Schwartz, "Who Needs Hackers?" New York Times,12 Sept. 2007.
5. D. Hovemeyer and W. Pugh, "Finding Bugs Is Easy," ACM SIGPLANNotices, vol. 39, no. 12, 2004, pp. 92–106.

Index Terms:
Java, code design, programming paradigms, security and privacy protection
Citation:
Charlie Lai, "Java Insecurity: Accounting for Subtleties That Can Compromise Code," IEEE Software, vol. 25, no. 1, pp. 13-19, Jan.-Feb. 2008, doi:10.1109/MS.2008.9
Usage of this product signifies your acceptance of the Terms of Use.