{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T14:58:45Z","timestamp":1725548325401},"publisher-location":"Berlin, Heidelberg","reference-count":41,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642041167"},{"type":"electronic","value":"9783642041174"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-04117-4_35","type":"book-chapter","created":{"date-parts":[[2010,2,22]],"date-time":"2010-02-22T16:44:00Z","timestamp":1266857040000},"page":"771-785","source":"Crossref","is-referenced-by-count":0,"title":["Designing a Secure Programming Language"],"prefix":"10.1007","author":[{"given":"Thomas H.","family":"Austin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"35_CR1","unstructured":"J. Rafail: Cross-site scripting vulnerabilities, http:\/\/www.cert.org\/archive\/pdf\/cross_site_scripting.pdf (last accessed 2009)"},{"key":"35_CR2","unstructured":"J. Grossman: WhiteHat website security statistics report, WhiteHat Security (2007) http:\/\/cs.jhu.edu\/ jason\/papers\/#istv91 (last accessed 2009)"},{"key":"35_CR3","unstructured":"S. Cook: Web developer\u2019s guide to cross-site scripting (2003) http:\/\/www.grc.com\/sn\/files\/A_Web_Developers_Guide_to_Cross_Site% _Scripting.pdf (last accessed 2009)"},{"key":"35_CR4","unstructured":"PHP magic quotes (PHP manual) http:\/\/us.php.net\/magic_quotes (last accessed 2009)"},{"key":"35_CR5","unstructured":"J. Grossman: Phishing with super bait, Black Hat Japan, Tokyo (2005) http:\/\/www.blackhat.com\/presentations\/bh-jp-05\/bh-jp-05-grossman.pdf (last accessed 2009)"},{"key":"35_CR6","volume-title":"PHP in Action: Objects, Design, Agility","author":"D. Reiersol","year":"2007","unstructured":"D.\u00a0Reiersol, M.\u00a0Baker, C.\u00a0Shiflett: PHP in Action: Objects, Design, Agility (Manning Publications, Greenwich 2007)"},{"key":"35_CR7","unstructured":"Smarty: template engine homepage, http:\/\/www.smarty.net\/ (last accessed 2009)"},{"key":"35_CR8","unstructured":"PHPTAL homepage, http:\/\/phptal.motion-twin.com\/ (last accessed 2009)"},{"key":"35_CR9","unstructured":"R. Munroe: Exploits of a mom, http:\/\/xkcd.com\/327\/ (last accessed 2009)"},{"key":"35_CR10","unstructured":"Ruby on rails project page, http:\/\/rubyonrails.org\/ (last accessed 2009)"},{"key":"35_CR11","unstructured":"C. Shiflett: Addslashes() versus mysql_real_escape_string() (Blog posting, 2006) http:\/\/shiflett.org\/blog\/2006\/jan\/addslashes-versus-mysql-real-escape-s tring (last accessed 2009)"},{"key":"35_CR12","volume-title":"Programming Ruby: the Pragmatic Programmer\u2019s Guide","author":"D. Thomas","year":"2005","unstructured":"D.\u00a0Thomas: Programming Ruby: the Pragmatic Programmer\u2019s Guide, 2nd edn. (The Pragmattic Programmers, Raleigh 2005)","edition":"2"},{"key":"35_CR13","volume-title":"Ruby for Rails: Ruby Techniques for Rails Developers","author":"D. Black","year":"2006","unstructured":"D.\u00a0Black: Ruby for Rails: Ruby Techniques for Rails Developers (Manning Publications, Greenwich 2006)"},{"key":"35_CR14","unstructured":"D. Bernstein: The qmail security guarantee, http:\/\/cr.yp.to\/qmail\/guarantee.html (accessed 2009)"},{"key":"35_CR15","unstructured":"Twilight Hack, WiiBrew Wiki page, http:\/\/wiibrew.org\/w\/index.php?title=Twilight_Hack (last accessed 2009)"},{"key":"35_CR16","volume-title":"Java Virtual Machine Specification","author":"T. Lindholm","year":"2003","unstructured":"T.\u00a0Lindholm, F.\u00a0Yellin: Java Virtual Machine Specification (Addison-Wesley, Boston 2003)"},{"key":"35_CR17","unstructured":"C.\u00a0Cowan, C.\u00a0Pu, D.\u00a0Maier, H.\u00a0Hintony, J.\u00a0Walpole, P.\u00a0Bakke, S.\u00a0Beattie, A.\u00a0Grier, P.\u00a0Wagle, Q.\u00a0Zhang: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks, Proc. 7th conf. on USENIX Security Symp., USENIX Assoc., San Antonio (1998)"},{"key":"35_CR18","unstructured":"M.\u00a0Rinard, C.\u00a0Cadar, H.\u00a0Nguyen: Exploring the acceptability envelope, Companion 20th ACM SIGPLAN Conf. on Object-oriented programming, systems, languages, and applications, San Diego (2005) 21\u201330"},{"key":"35_CR19","unstructured":"M.\u00a0Rinard, C.\u00a0Cadar, D.\u00a0Dumitran, D.\u00a0Roy, T.\u00a0Leu, W.\u00a0Beebee Jr.: Enhancing server availability and security through failure-oblivious computing, Proc. 6th Conf. on Symp. on Opearting Systems Design & Implementation, USENIX Assoc., San Francisco (2004)"},{"key":"35_CR20","unstructured":"M.\u00a0Rinard, C.\u00a0Cadar, D.\u00a0Dumitran, D.\u00a0Roy, T.\u00a0Leu: A dynamic technique for eliminating buffer overflow vulnerabilities (and other memory errors), Proc. 20th Computer Security Applications Conf., IEEE Computer Soc. (2004) pp. 82\u201390"},{"issue":"3\/4","key":"35_CR21","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1023\/A:1025055424017","volume":"30","author":"X. Leroy","year":"2003","unstructured":"X.\u00a0Leroy: Java bytecode verification: algorithms and formalizations, J. Autom. Reason. 30(3\/4), 235\u2013269 (2003)","journal-title":"J. Autom. Reason."},{"key":"35_CR22","unstructured":"Java security overview, Sun Microsystems (2005), http:\/\/java.sun.com\/developer\/technicalArticles\/Security\/whitepaper\/JS% _White_Paper.pdf , accessed 2009"},{"key":"35_CR23","unstructured":"ECMA-262: ECMAScript Language Specification, 3rd edn. (ECMA, Geneva 2008)"},{"key":"35_CR24","unstructured":"Rhino JavaScript homepage, http:\/\/www.mozilla.org\/rhino\/ (last accessed 2009)"},{"key":"35_CR25","volume-title":"Javascript: the Definitive Guide","author":"D. Flanagan","year":"2006","unstructured":"D.\u00a0Flanagan: Javascript: the Definitive Guide, 5th edn. (O\u2019Reilly, Sebastopol 2006)","edition":"5"},{"key":"35_CR26","unstructured":"JavaScript security in Mozilla, http:\/\/www.mozilla.org\/projects\/security\/components\/jssec.html (last accessed 2009)"},{"key":"35_CR27","unstructured":"V.\u00a0Anupam, D.\u00a0Kristol, A.\u00a0Mayer: A user\u2019s and programmer\u2019s view of the new JavaScript security model, Proc. 2nd Conf. on USENIX Symp. on Internet Technologies and Systems, USENIX Assoc., Boulder (1999)"},{"key":"35_CR28","unstructured":"How to use security zones in Internet Explorer, http:\/\/support.microsoft.com\/kb\/174360 (last accessed 2009)"},{"key":"35_CR29","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/1405.001.0001","volume-title":"The Art of the Metaobject Protocol","author":"G. Kiczales","year":"1991","unstructured":"G.\u00a0Kiczales, J.\u00a0Des Rivieres: The Art of the Metaobject Protocol (MIT Press, Cambridge 1991)"},{"key":"35_CR30","unstructured":"\u00c9.\u00a0Tanter, J.\u00a0Noy\u00e9, D.\u00a0Caromel, P.\u00a0Cointe: Partial behavioral reflection: spatial and temporal selection of reification, Proc. 18th ACM SIGPLAN Conf. on Object-Oriented Programing, Systems, Languages, and Applications, ACM, Anaheim (2003) 27\u201346"},{"key":"35_CR31","doi-asserted-by":"crossref","unstructured":"I.\u00a0Welch, R.\u00a0Stroud: From Dalang to Kava \u2013 the evolution of a reflective Java extension, Proc. 2nd Int. Conf. on Meta-Level Architectures and Reflection (Springer, Berlin 1999) pp. 2\u201321","DOI":"10.1007\/3-540-48443-4_2"},{"key":"35_CR32","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1145\/242224.242420","volume":"28","author":"G. Kiczales","year":"1996","unstructured":"G.\u00a0Kiczales: Aspect-oriented programming, ACM Comput. Surv. 28, 154 (1996)","journal-title":"ACM Comput. Surv."},{"key":"35_CR33","unstructured":"AspectJ homepage, http:\/\/www.eclipse.org\/aspectj\/ (last accessed 2009)"},{"key":"35_CR34","unstructured":"G. Kiczales, J. Irwin, J. Lamping, J. Loingtier, C. Lopes, C. Maeda: Aspect-oriented programming, ECOOP\u20191997 (1997) pp.\u00a0220\u2013242"},{"key":"35_CR35","unstructured":"G. O\u2019Regan: Introduction to aspect-oriented programming, O\u2019Reilly OnJava.com (2004), http:\/\/www.onjava.com\/pub\/a\/onjava\/2004\/01\/14\/aop.html (last accessed 2009)"},{"key":"35_CR36","unstructured":"T. Austin: Expanding JavaScript\u2019s metaobject protocol, San Jose State Univ. (2008)"},{"issue":"2","key":"35_CR37","first-page":"31","volume":"14","author":"J. Viega","year":"2001","unstructured":"J.\u00a0Viega, J.\u00a0Bloch, P.\u00a0Chandra: Applying aspect-oriented programming to security, Cutter IT Journal 14(2), 31\u201339 (2001)","journal-title":"Cutter IT Journal"},{"key":"35_CR38","unstructured":"I.\u00a0Welch, F.\u00a0Lu: Policy-driven reflective enforcement of security policies, Proc. 2006 ACM symp. on Applied Computing, ACM, Dijon (2006) 1580\u20131584"},{"key":"35_CR39","unstructured":"B. Arkin, F. Hill, S. Marks, M. Schmid, T. Walls, G. McGraw: How we learned to cheat in online poker: a study in software security, Developer.com (1999), http:\/\/www.developer.com\/tech\/article.php\/616221 (last accessed 2006)"},{"key":"35_CR40","unstructured":"C. Constantinides, T. Skotiniotis, M. St\u00f6rzer: AOP considered harmful, European Interactive Workshop on Aspects in Software (2004)"},{"key":"35_CR41","doi-asserted-by":"crossref","unstructured":"D.\u00a0Caromel, F.\u00a0Huet, J.\u00a0Vayssi\u00e8re: A simple security-aware MOP for Java, Proc. 3rd Int. Conf. on Metalevel Architectures and Separation of Crosscutting Concerns (Springer, 2001) 118\u2013125","DOI":"10.1007\/3-540-45429-2_9"}],"container-title":["Handbook of Information and Communication Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04117-4_35.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:39:28Z","timestamp":1606185568000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04117-4_35"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642041167","9783642041174"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04117-4_35","relation":{},"subject":[],"published":{"date-parts":[[2010]]}}}