Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Fred Long
September 2013 - Article Java Coding Guidelines for Reliability

Topics: Secure Coding

Authors: Fred Long (Aberystwyth University), Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda

In this sample chapter, the authors describe how to avoid obscure techniques and code that is difficult to understand and maintain when programming in Java.

October 2011 - Article The CERT Oracle Secure Coding Standard for Java: Input Validation and Data Sanitization

Topics: Secure Coding

Authors: Fred Long (Aberystwyth University), David Svoboda, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland

In this sample chapter, the authors provide rules, assesses their risk, and provide noncompliant and compliant code and solutions to validate and sanitize the data.

September 2011 - Book The CERT Oracle Secure Coding Standard for Java

Topics: Secure Coding

Authors: Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda

In this book, the authors provide the first comprehensive compilation of code-level requirements for building secure systems in Java.

May 2010 - Technical Report Java Concurrency Guidelines

Topics: Secure Coding

Authors: Fred Long, Dhruv Mohindra, Robert C. Seacord, David Svoboda

In this report, the authors describe the CERT Oracle Secure Coding Standard for Java, which provides guidelines for secure coding in Java.

May 2010 - Technical Report Specifications for Managed Strings, Second Edition

Topics: Secure Coding

Authors: Hal Burch, Fred Long, Raunak Rungta, Robert C. Seacord, David Svoboda

In this report, the authors describe a managed string library for the C programming language.

September 2007 - Technical Note Ranged Integers for the C Programming Language

Topics: Secure Coding

Authors: Jeff Gennari, Shaun Hedrick, Fred Long, Justin Pincar, Robert C. Seacord

In this 2007 report, the authors describe an extension to the C programming language to introduce the notion of ranged integers.

May 2006 - Technical Report Specifications for Managed Strings

Topics: Secure Coding

Authors: Hal Burch, Fred Long, Robert C. Seacord

This report has been superseded by Specifications for Managed Strings, Second Edition (CMU/SEI-2010-TR-018).

October 2005 - Technical Note Software Vulnerabilities in Java

Topics: Secure Coding

Authors: Fred Long

In this report, Fred Long briefly describes potential software vulnerabilities in Java version 5.

August 2005 - White Paper Information Technology: Programming Languages, Their Environments and System Software Interfaces: Specification for Managed Strings

Topics: Secure Coding

Authors: Fred Long, Robert C. Seacord

In this paper, the authors present a standard specification for managed strings.

May 2000 - Technical Report Volume II: Technical Concepts of Component-Based Software Engineering, 2nd Edition

Authors: Felix Bachmann, Len Bass, Charles Buhman, Santiago Comella-Dorda, Fred Long, John E. Robert, Robert C. Seacord, Kurt C. Wallnau

The objective of this study is to determine whether CBSE has the potential to advance the state of software engineering practice and, if so, whether the SEI can contribute to this advancement.

May 2000 - Technical Note Volume I: Market Assessment of Component-Based Software Engineering Assessments

Authors: Len Bass, Charles Buhman, Santiago Comella-Dorda, Fred Long, John E. Robert, Robert C. Seacord, Kurt C. Wallnau

This 2001 report examines software component technology from a business perspective.

July 1999 - Technical Note Securing Internet Sessions with Sorbet

Authors: Fred Long, Scott Hissam, Robert C. Seacord, John E. Robert, John E. Robert

To secure communications media connections, mechanisms must be built on top of the underlying facilities. This 1999 report discusses one such security mechanism and describes an implementation using CORBA-based interceptors.

March 1993 - Technical Report An Overview of PCTE: A Basis for a Portable Common Tool Environment

Authors: Fred Long, Edwin J. Morris

This 1993 report details the history and currentstatus of PCTE and PCTE-based environments.