, File storage service with REST-like API, 2011.
, The CodeSurfer Software Understanding Platform, 13th International Workshop on Program Comprehension (IWPC'05), pp.147-148, 2005.
DOI : 10.1109/WPC.2005.37
, Using programmer-written compiler extensions to catch security holes, Proceedings 2002 IEEE Symposium on Security and Privacy, pp.143-159, 2002.
DOI : 10.1109/SECPRI.2002.1004368
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.127.6553
, Checking for Race Conditions in File Accesses, Computing Systems, vol.9, pp.131-152, 1996.
, Clara: a framework for statically evaluating finite-state runtime monitors, 1st International Conference on Runtime Verification (RV). LNCS, pp.74-88, 2010.
DOI : 10.1007/978-3-642-16612-9_15
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.171.325
, Improving computer security using extended static checking, Proceedings 2002 IEEE Symposium on Security and Privacy, pp.160-173, 2002.
DOI : 10.1109/SECPRI.2002.1004369
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.15.2090
, Enterprise JavaBeans TM Specification, Version 2.1, Sun Microsystems, 2003.
, Magic quadrant for static application security testing, 2010.
, Speeding Up Context-, Object- and Field-Sensitive SDG Generation, 2010 10th IEEE Working Conference on Source Code Analysis and Manipulation, pp.105-114, 2010.
DOI : 10.1109/SCAM.2010.9
, Experiences with PDG-Based IFC, Engineering Secure Software and Systems, pp.44-60, 2010.
DOI : 10.1007/978-3-642-11747-3_4
, Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs, International Journal of Information Security, vol.44, issue.15, pp.399-422, 2009.
DOI : 10.1007/s10207-009-0086-1
, Pooling, Proceedings of the 2002 European Conference on Pattern Languages of Programs, 2002.
, Identifying similar code with program dependence graphs, Proceedings Eighth Working Conference on Reverse Engineering, pp.301-309, 2001.
DOI : 10.1109/WCRE.2001.957835
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.23.4224
, Finding Security Vulnerabilities in Java Applications with Static Analysis, Proceedings of the 14th USENIX Security Symposium, pp.271-286, 2005.
, Java TM Servlet Specification, Version 3.0 Rev a, Sun Microsystems, 2010.
, Static Security Analysis Based on Input-Related Software Faults Oracle: Java EE at a Glance, Proceedings of the 2009 European Conference on Software Maintenance and Reengineering, pp.37-46, 2009.
DOI : 10.1109/csmr.2009.51
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.151.7654
, Bauhaus ? A Tool Suite for Program Analysis and Reverse Engineering Red Hat, Inc: Session EJB and MDB Configuration (2011), http://docs.jboss.org/ejb3/docs/reference/build/reference/en/html/session- bean-config.html 22. Reenskaug, T.: Models ? Views ? Controllers, Proceedings of 11th Ada-Europe International Conference on Reliable Software Technologies, 1979.
, JavaServer Pages TM Specification, Version 2.0, Sun Microsystems, 2003.
, Security Patterns, Informatik-Spektrum, vol.25, issue.3, 2006.
DOI : 10.1007/s002870200223
, Performance Models for the Instance Pooling Mechanism of the JBoss Application Server, 2008 IEEE International Performance, Computing and Communications Conference, pp.135-143, 2008.
DOI : 10.1109/PCCC.2008.4745106
, http://www.springsource.org 27. The Apache Software Foundation: Apache Struts, Online, 2011.
, Sound and Precise Analysis of Web Applications for Injection Vulnerabilities, Proceedings of the 2007 ACM SIGPLAN Conference on Programming Language Design and Implementation. pp. 32?41. PLDI '07, 2007.