{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,25]],"date-time":"2026-04-25T14:45:45Z","timestamp":1777128345486,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2009,6,15]],"date-time":"2009-06-15T00:00:00Z","timestamp":1245024000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2009,6,15]]},"DOI":"10.1145\/1542476.1542486","type":"proceedings-article","created":{"date-parts":[[2009,6,16]],"date-time":"2009-06-16T09:34:36Z","timestamp":1245144876000},"page":"87-97","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":176,"title":["TAJ"],"prefix":"10.1145","author":[{"given":"Omer","family":"Tripp","sequence":"first","affiliation":[{"name":"IBM, Herzlyia, Israel"}]},{"given":"Marco","family":"Pistoia","sequence":"additional","affiliation":[{"name":"IBM, Hawthorne, NY, USA"}]},{"given":"Stephen J.","family":"Fink","sequence":"additional","affiliation":[{"name":"IBM, Hawthorne, NY, USA"}]},{"given":"Manu","family":"Sridharan","sequence":"additional","affiliation":[{"name":"IBM, Hawthorne, NY, USA"}]},{"given":"Omri","family":"Weisman","sequence":"additional","affiliation":[{"name":"IBM, Herzlyia, Israel"}]}],"member":"320","published-online":{"date-parts":[[2009,6,15]]},"reference":[{"key":"e_1_3_2_1_2_1","volume-title":"S&P","author":"Ashcraft K.","year":"2002","unstructured":"K. Ashcraft and D. Engler . Using Programmer-Written Compiler Extensions to Catch Security Holes . In S&P 2002 . K. Ashcraft and D. Engler. Using Programmer-Written Compiler Extensions to Catch Security Holes. In S&P 2002."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/349299.349342"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455778"},{"key":"e_1_3_2_1_5_1","volume-title":"Modular Static Program Analysis. In CC","author":"Cousot P.","year":"2002","unstructured":"P. Cousot and R. Cousot . Modular Static Program Analysis. In CC 2002 . P. Cousot and R. Cousot. Modular Static Program Analysis. In CC 2002."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/115372.115320"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/359636.359712"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1146238.1146254"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/512529.512531"},{"key":"e_1_3_2_1_12_1","volume-title":"S&P","author":"Goguen J. A.","year":"1982","unstructured":"J. A. Goguen and J. Meseguer . Security Policies and Security Models . In S&P 1982 . J. A. Goguen and J. Meseguer. Security Policies and Security Models. In S&P 1982."},{"key":"e_1_3_2_1_13_1","volume-title":"Information Flow Control for Java Based on Path Conditions in Dependence Graphs. In ISSSE","author":"Hammer C.","year":"2006","unstructured":"C. Hammer , J. Krinke , and G. Snelting . Information Flow Control for Java Based on Path Conditions in Dependence Graphs. In ISSSE 2006 . C. Hammer, J. Krinke, and G. Snelting. Information Flow Control for Java Based on Path Conditions in Dependence Graphs. In ISSSE 2006."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/277650.277668"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/378795.378802"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/53990.53994"},{"key":"e_1_3_2_1_17_1","unstructured":"IBM Rational AppScan Developer Edition (AppScan DE) http: \/\/www.ibm.com\/software\/awdtools\/appscan\/developer  IBM Rational AppScan Developer Edition (AppScan DE) http: \/\/www.ibm.com\/software\/awdtools\/appscan\/developer"},{"key":"e_1_3_2_1_18_1","volume-title":"CC 2006.","author":"Lhot\u00b4ak O.","unstructured":"O. Lhot\u00b4ak and L. J. Hendren . Context-Sensitive Points-to Analysis: Is It Worth It? In CC 2006. O. Lhot\u00b4ak and L. J. Hendren. Context-Sensitive Points-to Analysis: Is It Worth It? In CC 2006."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/11575467_11"},{"key":"e_1_3_2_1_20_1","volume-title":"USENIX Security","author":"Livshits V. B.","year":"2005","unstructured":"V. B. Livshits and M. S. Lam . Finding Security Vulnerabilities in Java Applications with Static Analysis . In USENIX Security 2005 . V. B. Livshits and M. S. Lam. Finding Security Vulnerabilities in Java Applications with Static Analysis. In USENIX Security 2005."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1375581.1375606"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1044834.1044835"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1060745.1060809"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/268998.266669"},{"key":"e_1_3_2_1_26_1","unstructured":"OWASP http:\/\/www.owasp.org.  OWASP http:\/\/www.owasp.org."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/11531142_16"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/199448.199462"},{"key":"e_1_3_2_1_29_1","volume-title":"Dimensions of Precision in Reference Analysis of Object-Oriented Languages. In CC","author":"Ryder B. G.","year":"2003","unstructured":"B. G. Ryder . Dimensions of Precision in Reference Analysis of Object-Oriented Languages. In CC 2003 . Invited Paper. B. G. Ryder. Dimensions of Precision in Reference Analysis of Object-Oriented Languages. In CC 2003. Invited Paper."},{"key":"e_1_3_2_1_30_1","volume-title":"USENIX Security","author":"Shankar U.","year":"2001","unstructured":"U. Shankar , K. Talwar , J. S. Foster , and D. Wagner . Detecting Format String Vulnerabilities with Type Qualifiers . In USENIX Security 2001 . U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Detecting Format String Vulnerabilities with Type Qualifiers. In USENIX Security 2001."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1178625.1178628"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133981.1134027"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250748"},{"key":"e_1_3_2_1_34_1","unstructured":"Stanford SecuriBench Micro http:\/\/suif.stanford.edu\/~livshits\/work\/securibench-micro.  Stanford SecuriBench Micro http:\/\/suif.stanford.edu\/~livshits\/work\/securibench-micro."},{"key":"e_1_3_2_1_35_1","unstructured":"T. J.Watson Libraries for Analysis (WALA) http:\/\/wala.sf.net.  T. J.Watson Libraries for Analysis (WALA) http:\/\/wala.sf.net."},{"key":"e_1_3_2_1_36_1","volume-title":"A Sound Type System for Secure Flow Analysis. JCS, 4(2--3)","author":"Volpano D.","year":"1996","unstructured":"D. Volpano , C. Irvine , and G. Smith . A Sound Type System for Secure Flow Analysis. JCS, 4(2--3) , 1996 . D. Volpano, C. Irvine, and G. Smith. A Sound Type System for Secure Flow Analysis. JCS, 4(2--3), 1996."},{"key":"e_1_3_2_1_37_1","volume-title":"Programming Perl. O'Reilly &amp","author":"Wall L.","year":"2000","unstructured":"L. Wall , T. Christiansen , and J. Orwant . Programming Perl. O'Reilly &amp ; Associates, Inc. , 3rd edition, 2000 . L. Wall, T. Christiansen, and J. Orwant. Programming Perl. O'Reilly & Associates, Inc., 3rd edition, 2000."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368112"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/996841.996859"}],"event":{"name":"PLDI '09: ACM SIGPLAN Conference on Programming Language Design and Implementation","location":"Dublin Ireland","acronym":"PLDI '09","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1542476.1542486","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1542476.1542486","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:29:56Z","timestamp":1750238996000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1542476.1542486"}},"subtitle":["effective taint analysis of web applications"],"short-title":[],"issued":{"date-parts":[[2009,6,15]]},"references-count":38,"alternative-id":["10.1145\/1542476.1542486","10.1145\/1542476"],"URL":"https:\/\/doi.org\/10.1145\/1542476.1542486","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/1543135.1542486","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2009,6,15]]},"assertion":[{"value":"2009-06-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}