The CERT Oracle Secure Coding Standard for Java (häftad)
Häftad (Paperback)
Antal sidor
Mohindra, Dhruv / Seacord, Robert C. / Sutherland, Dean F. / Svoboda, David
229 x 175 x 43 mm
1135 g
Antal komponenter
The CERT Oracle Secure Coding Standard for Java (häftad)

The CERT Oracle Secure Coding Standard for Java

Häftad Engelska, 2011-09-26
  • Skickas inom 5-8 vardagar.
  • Gratis frakt inom Sverige över 199 kr för privatpersoner.

In the Java world, security is not viewed as an add-on a feature. It is a pervasive way of thinking. Those who forget to think in a secure mindset end up in trouble. But just because the facilities are there doesnt mean that security is assured automatically. A set of standard practices has evolved over the years. The Secure Coding Standard for Java is a compendium of these practices. These are not theoretical research papers or product marketing blurbs. This is all serious, mission-critical, battle-tested, enterprise-scale stuff.

James A. Gosling, Father of the Java Programming Language


An essential element of secure coding in the Java programming language is a well-documented and enforceable coding standard. Coding standards encourage programmers to follow a uniform set of rules determined by the requirements of the project and organization, rather than by the programmers familiarity or preference. Once established, these standards can be used as a metric to evaluate source code (using manual or automated processes).


The CERT Oracle Secure Coding Standard for Java provides rules designed to eliminate insecure coding practices that can lead to exploitable vulnerabilities. Application of the standards guidelines will lead to higher-quality systemsrobust systems that are more resistant to attack. Such guidelines are required for the wide range of products coded in Javafor devices such as PCs, game players, mobile phones, home appliances, and automotive electronics.


After a high-level introduction to Java application security, seventeen consistently organized chapters detail specific rules for key areas of Java development. For each area, the authors present noncompliant examples and corresponding compliant solutions, show how to assess risk, and offer references for further information. Each rule is prioritized based on the severity of consequences, likelihood of introducing exploitable vulnerabilities, and cost of remediation.


The standard provides secure coding rules for the Java SE 6 Platform including the Java programming language and libraries, and also addresses new features of the Java SE 7 Platform. It describes language behaviors left to the discretion of JVM and compiler implementers, guides developers in the proper use of Javas APIs and security architecture, and considers  security concerns pertaining to standard extension APIs (from the javax package hierarchy).The standard covers security issues applicable to these libraries: lang, util, Collections, Concurrency Utilities, Logging, Management, Reflection, Regular Expressions, Zip, I/O, JMX, JNI, Math, Serialization, and JAXP.
Visa hela texten

Passar bra ihop

  1. The CERT Oracle Secure Coding Standard for Java
  2. +
  3. Tomorrow, And Tomorrow, And Tomorrow

De som köpt den här boken har ofta också köpt Tomorrow, And Tomorrow, And Tomorrow av Gabrielle Zevin (häftad).

Köp båda 2 för 565 kr


Har du läst boken? Sätt ditt betyg »

Övrig information

Fred Long is a Senior Lecturer and Director of Learning and Teaching in the Department of Computer Science, Aberystwyth University in the United Kingdom.He lectures on formal methods; Java, C++, and C programming paradigms; and programming related security issues. He is chairman of the British Computer Society's Mid-Wales Sub-Branch. Fred has been a Visiting Scientist at the Software Engineering Institute since 1992. Recently, his research has involved the investigation of vulnerabilities in Java. Dhruv Mohindra is a Senior Software Engineer at Persistent Systems Limited, India, where he develops monitoring software for widely used enterprise servers. He has worked for CERT at the Software Engineering Institute (SEI) and continues to collaborate to improve the state of security awareness in the programming community. Dhruv has also worked for Carnegie Mellon University where he obtained his Master of Science degree in Information Security Policy and Management. He holds an undergraduate degree in Computer Engineering from Pune University, India, where he researched with Calsoft Inc during his academic pursuit. A writing enthusiast, Dhruv occasionally contributes articles to technology magazines and online resources. He brings forth his experience and learning from developing and securing service oriented applications, server monitoring software, mobile device applications, web-based data miners and designing user-friendly security interfaces. Robert C. Seacord is a computer security specialist and writer. He is the author of books on computer security, legacy system modernization, and component-based software engineering. Robert C. Seacord manages the Secure Coding Initiative at CERT, located in Carnegie Mellon's Software Engineering Institute (SEI) in Pittsburgh, PA. CERT, among other security related activities, regularly analyzes software vulnerability reports and assesses the risk to the Internet and other critical infrastructure. Robert is an adjunct professor in the Carnegie Mellon University School of Computer Science and in the Information Networking Institute. Robert started programming professionally for IBM in 1982, working in communications and operating system software, processor development, and software engineering. Robert also has worked at the X Consortium, where he developed and maintained code for the Common Desktop Environment and the X Window System. Robert has a Bachelor in computer science from Rensselaer Polytechnic Institute. Dean F. Sutherland is currently a Senior Software Security Researcher at CERT. Dean spent 14 years working as a professional software engineer at Tartan, Inc. He spent the last 6 of those years as a Senior Member of the Technical Staff and a Technical Lead for compiler back-end technology. He was the primary active member of the corporate R&D group, was a key instigator of the design and deployment of a new software development process for Tartan, led R&D projects, and provided both technical and project leadership for the 12-person compiler back-end group. He received his Ph.D. in Software Engineering from Carnegie Mellon in 2008. David Svoboda is a software security engineer at CERT, at the Software Engineering Institute (SEI) in Pittsburgh, PA. David has been the primary developer on a diverse set of software development projects at Carnegie Mellon since 1991, ranging from hierarchical chip modeling and social organization simulation to automated machine translation (AMT). His KANTOO AMT software, developed in 1996, is still (as of 2008) in production use at Caterpillar. He has over 10 years of Java development experience, starting with Java 2, and his Java projects include Tomcat servlets and Eclipse plug-ins. David is also actively involved in several ISO standards groups: the JTC1/SC22/WG14 group for the C programming language, and the JTC1/SC22/WG21 group for C++.


Foreword         xvii

Preface         xix

Acknowledgments         xxxi

About the Authors         xxxiii


Chapter 1: Introduction         1

Misplaced Trust   2

Injection Attacks   2

Leaking Sensitive Data   4

Leaking Capabilities   6

Denial of Service   7

Serialization   10

Concurrency, Visibility, and Memory   11

Principle of Least Privilege   18

Security Managers   19

Class Loaders   21

Summary   21


Chapter 2: Input Validation and Data Sanitization (IDS)   23

Rules   23

Risk Assessment Summary   24

IDS00-J. Sanitize untrusted data passed across a trust boundary   24

IDS01-J. Normalize strings before validating them   34

IDS02-J. Canonicalize path names before validating them   36

IDS03-J. Do not log unsanitized user input   41

IDS04-J. Limit the size of files passed to ZipInputStream   43

IDS05-J. Use a subset of ASCII for file and path names   46

IDS06-J. Exclude user input from format strings   48

IDS07-J. Do not pass untrusted, unsanitized data to the Runtime.exec() method   50

IDS08-J. Sanitize untrusted data passed to a regex   54

IDS09-J. Do not use locale-dependent methods on locale-dependent data without specifying the appropriate locale   59

IDS10-J. Do not split characters between two data structures   60

IDS11-J. Eliminate noncharacter code points before validation   66

IDS12-J. Perform lossless conversion of String data between differing character encodings   68

IDS13-J. Use compatible encodings on both sides of file or network I/O   71


Chapter 3: Declarations and Initialization (DCL)         75

Rules   75

Risk Assessment Summary   75

DCL00-J. Prevent class initialization cycles   75

DCL01-J. Do not reuse public identifiers from the Java Standard Library   79

DCL02-J. Declare all enhanced for statement loop variables final   81


Chapter 4: Expressions (EXP)         85

Rules   85

Risk Assessment Summary   85

EXP00-J. Do not ignore values returned by methods   86

EXP01-J. Never dereference null pointers&nbs...