Provable Protection against Web Application Vulnerabilities Related to Session Data Dependencies
Wouter Joosen | Pierre Verbaeten | Frank Piessens | Lieven Desmet
[1] Gary T. Leavens, et al. Desugaring JML Method Specifications, 2005.
[2] Frank Piessens, et al. Safe concurrency for aggregate objects with invariants, 2005, Third IEEE International Conference on Software Engineering and Formal Methods (SEFM'05).
[3] Ernst-Erich Doberkat. Ernst-Erich Doberkat über Mary Shaw und David Garlan: Software Architecture - Perspectives on an Emerging Discipline, 2000, Softwaretechnik-Trends.
[4] Tomás E. Uribe, et al. Automatic analysis of firewall and network intrusion detection system configurations, 2004, FMSE '04.
[5] Joseph R. Kiniry, et al. Soundness and completeness warnings in ESC/Java2, 2006, SAVCBS '06.
[6] Jean-Louis Lanet, et al. Enforcing High-Level Security Properties for Applets, 2004, CARDIS.
[7] V. Stavridou, et al. Abstraction and specification in program development, 1988.
[8] Roy T. Fielding, et al. Hypertext Transfer Protocol - HTTP/1.0, 1996, RFC.
[9] Mark S. Miller, et al. Robust composition: towards a unified approach to access control and concurrency control, 2006.
[10] Bertrand Meyer, et al. Applying 'design by contract', 1992, Computer.
[11] Jonathan Aldrich, et al. Using Types to Enforce Architectural Structure, 2008, Seventh Working IEEE/IFIP Conference on Software Architecture (WICSA 2008).
[12] Jos C. M. Baeten, et al. Specifying internet applications with DiCons, 2001, SAC.
[13] Michael D. Ernst, et al. An overview of JML tools and applications, 2003, Electron. Notes Theor. Comput. Sci.
[14] A. Jefferson Offutt, et al. Web application bypass testing, 2004, Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004.
[15] Richard N. Taylor, et al. A Classification and Comparison Framework for Software Architecture Description Languages, 2000, IEEE Trans. Software Eng.
[16] Alexander L. Wolf, et al. Acm Sigsoft Software Engineering Notes Vol 17 No 4 Foundations for the Study of Software Architecture, 2022.
[17] Wei Xu, et al. Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks, 2006, USENIX Security Symposium.
[18] Michael D. Ernst, et al. An overview of JML tools and applications, 2003, International Journal on Software Tools for Technology Transfer.
[19] Zhendong Su, et al. Static Checking of Dynamically Generated Queries in Database Applications, 2004, ICSE 2004.
[20] Michael Franz, et al. Dynamic taint propagation for Java, 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).
[21] Wouter Joosen, et al. Static Verification of Indirect Data Sharing in Loosely-coupled Component Systems, 2006, SC@ETAPS.
[22] Gary T. Leavens. Tutorial on JML, the java modeling language, 2007, ASE '07.
[23] D. T. Lee, et al. Securing web application code by static analysis and runtime protection, 2004, WWW '04.
[24] Tadeusz Pietraszek, et al. Defending Against Injection Attacks Through Context-Sensitive String Evaluation, 2005, RAID.
[25] Peter G. Neumann, et al. System and network trustworthiness in perspective, 2006, CCS '06.
[26] Alessandro Orso, et al. AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks, 2005, ASE.
[27] Luca Cardelli. Transitions in programming models: 2, 2005, ICSE '05.
[28] Mary Shaw, et al. Software architecture - perspectives on an emerging discipline, 1996.
[29] Ehab Al-Shaer, et al. Analysis of Firewall Policy Rules Using Data Mining Techniques, 2006, 2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006.
[30] K. Rustan M. Leino, et al. The Spec# Programming System: An Overview, 2004, CASSIS.
[31] Anh Nguyen-Tuong, et al. Automatically Hardening Web Applications Using Precise Tainting, 2005, SEC.
[32] Vipin Samar, et al. Unified login with pluggable authentication modules (PAM), 1996, CCS '96.
[33] Clemens A. Szyperski, et al. Component software - beyond object-oriented programming, 2002.
[34] Paul C. Clements, et al. A survey of architecture description languages, 1996, Proceedings of the 8th International Workshop on Software Specification and Design.
[35] A. Jefferson Offutt, et al. Bypass testing of Web applications, 2004, 15th International Symposium on Software Reliability Engineering.
[36] Wouter Joosen, et al. Dependency analysis of the GatorMail webmail application, 2005.
[37] Jean-Marc Jézéquel, et al. Design by Contract to Improve Software Vigilance, 2006, IEEE Transactions on Software Engineering.
[38] Ken Arnold, et al. JavaSpaces™ Principles, Patterns, and Practice, 1999.
[39] Mehdi T. Harandi, et al. Workshop on software specification and design, 1988, SOEN.
[40] Paul Clements, et al. Software architecture in practice, 1999, SEI series in software engineering.
[41] Christopher Krügel, et al. Precise alias analysis for static detection of web application vulnerabilities, 2006, PLAS '06.
[42] Premkumar T. Devanbu, et al. Static checking of dynamically generated queries in database applications, 2004, Proceedings. 26th International Conference on Software Engineering.