You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 42 Next »

An essential element of secure coding in the Java programming language is a well-documented and enforceable coding standard. Coding standards encourage programmers to follow a uniform set of guidelines determined by the requirements of the project and organization, rather than by the programmer's familiarity or preference. Once established, these standards can be used as a metric to evaluate source code (using manual or automated processes).

The CERT Oracle Secure Coding Standard for Java provides guidelines for secure coding in the Java programming language. The goal of these guidelines is to eliminate insecure coding practices and undefined behaviors that can lead to exploitable vulnerabilities. The application of the secure coding standard will lead to higher-quality systems that are robust and more resistant to attack. This coding standard affects the wide range of products coded in Java, for devices such as PCs, game players, mobile phones, home appliances, and automotive electronics.

Scope

Audience

Contents and Organization

Guidelines

Usage

System Qualities

Priority and Levels

Automatically Generated Code

Source Code Validation

Tool Selection and Validation


The CERT Oracle Secure Coding Standard for Java      The CERT Oracle Secure Coding Standard for Java      01. Runtime Environment (ENV)

  • No labels