1 of 1 people found the following review helpful
Good resoure for Java architects, developers, and application security auditors,
Verified Purchase(What's this?)
This review is from: The CERT Oracle Secure Coding Standard for Java (SEI Series in Software Engineering) (Paperback)
The coding standards are provided as a clearly documented set of rules, each one including some summary information about the rule, code examples of the rule not being followed as well as code that does follow the rule, enumerated exceptions where it's permissible to deviate from the rule, and lastly a risk assessment of the vulnerability that arises when you don't follow the rule. The list of rules is extensive, so the authors have helpfully grouped them into the following categories:
* Input Validation and Data Sanitization
* Declarations and Initialization
* Numeric Types and Operations
* Object Orientation
* Exceptional Behavior (i.e., proper usage and handling of exceptions)
* Visibility and Atomicity
* Thread APIs
* Thread Pools
* Thread-Safety Miscellaneous
* Input Output
* Platform Security
* Runtime Environment
This presentation format lends itself to a very organized and comprehensive treatment of the subject, but doesn't make it the type of book that you can easily read from cover to cover. It would be fair to say that it reads more like a reference book that's tremendously useful when you're interested in practical secure Java coding practices for a specific area rather than as a training guide. Before finding that specific topic of interest, however, it would be wise to read the excellent introductory chapter. The introduction provides overviews of each of the principle sources of vulnerabilities in Java applications: misplaced trust; injection attacks (including a very helpful explanation of the appropriate use and sequencing of validation, sanitization, canonicalization, and normalization); leaking sensitive data; leaking capabilities; denial of service; serialization; concurrency, visibility, and memory; security managers; and class loaders.
It's also important to note that many of the rules focus on how to write mobile code that can be safely executed in untrusted systems or how to use untrusted mobile code on trusted systems. In these cases, the attacker is writing code that interacts with your code and takes advantage of vulnerabilities you have left by not following the prescribed rules. This attacker context is quite different from that of an external hacker trying to take advantage of flaws in a web site, for example.
Although the book is probably best used as a reference guide in which you'll seek out a topic of interest rather than read from front to back, it's undeniably a highly valuable contribution to the topic of secure Java coding. As such, it's a useful addition to the bookshelves of Java architects, developers, and application security auditors.