{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T13:59:13Z","timestamp":1725544753544},"publisher-location":"Berlin, Heidelberg","reference-count":16,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642117466"},{"type":"electronic","value":"9783642117473"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-11747-3_5","type":"book-chapter","created":{"date-parts":[[2010,1,24]],"date-time":"2010-01-24T20:03:02Z","timestamp":1264363382000},"page":"61-69","source":"Crossref","is-referenced-by-count":9,"title":["Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications"],"prefix":"10.1007","author":[{"given":"James","family":"Walden","sequence":"first","affiliation":[]},{"given":"Maureen","family":"Doyle","sequence":"additional","affiliation":[]},{"given":"Robert","family":"Lenhof","sequence":"additional","affiliation":[]},{"given":"John","family":"Murray","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Ayewah, N., Pugh, W.J., Morgenthaler, D., Penix, J.: Zhou. Y.: Evaluating Static Analysis Defect Warnings On Production Software. In: The 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (June 2007)","DOI":"10.1145\/1251535.1251536"},{"key":"5_CR2","unstructured":"Christey, S.M., Martin, R.A.: http:\/\/www.cve.mitre.org\/docs\/vuln-trends\/index.html (published May 22, 2007)"},{"key":"5_CR3","unstructured":"Coverity, Coverity Scan Open Source Report 2009, http:\/\/www.coverity.com\/scan\/ (September 23, 2009)"},{"key":"5_CR4","volume-title":"Software Metrics: A Rigorous and Practical Approach","author":"N.E. Fenton","year":"1998","unstructured":"Fenton, N.E., Pfleeger, S.L.: Software Metrics: A Rigorous and Practical Approach. Brooks\/Cole, Massachusetts (1998)"},{"key":"5_CR5","unstructured":"Fortify Security Research Group and Larry Suto: Open Source Security Study (July 2008), http:\/\/www.fortify.com\/landing\/oss\/oss_report.jsp"},{"key":"5_CR6","unstructured":"http:\/\/freshmeat.net\/ (accessed September 27, 2009)"},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"Li, Z., Tan, L., Wang, X., Lu, S., Zhou, Y., Zhai, C.: Have things changed now?: an empirical study of bug characteristics in modern open source software. In: Proceedings of the 1st workshop on Architectural and system support for improving software dependability, Association of Computing Machinery, New York, pp. 25\u201333 (2006)","DOI":"10.1145\/1181309.1181314"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Nagappan, N., Ball, T.: Static analysis tools as early indicators of pre-release defect density. In: Proceedings of the 27th International Conference on Software Engineering, Association of Computing Machinery, New York, pp. 580\u2013586 (2005)","DOI":"10.1145\/1062455.1062558"},{"key":"5_CR9","unstructured":"Shiflett, C.: PHP Security Consortium Redux, http:\/\/shiflett.org\/blog\/2005\/feb\/php-security-consortium-redux"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Nagappan, N., Ball, T., Zeller, A.: Mining Metrics to Predict Component Failures. In: Proceedings of the 28th International Conference on Software Engineering, Association of Computing Machinery, New York, pp. 452\u2013461 (2006)","DOI":"10.1145\/1134285.1134349"},{"key":"5_CR11","unstructured":"Neuhaus, S., Zimmerman, T.: The Beauty and the Beast: Vulnerabilities in Red Hat\u2019s Packages. In: Proceedings of the 2009 USENIX Annual Technical Conference (USENIX 2009), San Diego, CA, USA (June 2009)"},{"key":"5_CR12","unstructured":"Ozment, A., Schechter, S.E.: Milk or Wine: Does Software Security Improve with Age? In: Proceedings of the 15th USENIX Security Symposium, USENIX Association, California, pp. 93\u2013104 (2006)"},{"key":"5_CR13","doi-asserted-by":"crossref","unstructured":"Shin, Y., Williams, L.: An Empirical Model to Predict Security Vulnerabilities using Code Complexity Metrics. In: Proceedings of the 2nd International Symposium on Empirical Software Engineering and Measurement, Association for Computing Machinery, New York, pp. 315\u2013317 (2008)","DOI":"10.1145\/1414004.1414065"},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Shin, Y., Williams, L.: Is Complexity Really the Enemy of Software Security? In: Quality of Protection Workshop at the ACM Conference on Computers and Communications Security (CCS) 2008, Association for Computing Machinery, New York, pp. 47\u201350 (2008)","DOI":"10.1145\/1456362.1456372"},{"key":"5_CR15","volume-title":"Proceedings of the International Workshop on Security Measurements and Metrics","author":"J. Walden","year":"2009","unstructured":"Walden, J., Doyle, M., Welch, G., Whelan, M.: Security of Open Source Web Applications. In: Proceedings of the International Workshop on Security Measurements and Metrics. IEEE, Los Alamitos (2009)"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Zimmermann, T., Nagappan, N., Gall, H., Giger, E., Murphy, B.: Cross-project Defect Prediction. In: Proceedings of the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC\/FSE 2009), Amsterdam, The Netherlands (August 2009)","DOI":"10.1145\/1595696.1595713"}],"container-title":["Lecture Notes in Computer Science","Engineering Secure Software and Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-11747-3_5.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,29]],"date-time":"2023-05-29T14:59:07Z","timestamp":1685372347000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-11747-3_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642117466","9783642117473"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-11747-3_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}