Java Insecurity: Accounting for Subtleties That Can Compromise Code
January/February 2008 (vol. 25 no. 1)
pp. 13-19
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MS.2008.9
Java developers commonly follow numerous coding guidelines—such as minimizing accessibility, creating copies of mutable inputs, and preventing the unauthorized construction of sensitive classes—to ensure that their programs are safe. Various subtleties related to each guideline could lead to unexpected behavior, and ultimately to security vulnerabilities. Java developers can safely account for these subtleties to prevent attacks. This article is part of a special issue on Security for the Rest of Us.
Index Terms:
Java, code design, programming paradigms, security and privacy protection
Citation:
Charlie Lai, "Java Insecurity: Accounting for Subtleties That Can Compromise Code," IEEE Software, vol. 25, no. 1, pp. 13-19, Jan.-Feb. 2008, doi:10.1109/MS.2008.9

