Secure coding practices in Java
131 Citations•2018•
Na Meng, Stefan Nagy, Danfeng Yao
journal unavailable
An empirical study on StackOverflow posts aiming to understand developers' concerns on Java secure coding, their programming obstacles, and insecure coding practices reveals the insufficiency of secure coding assistance and documentation, as well as the huge gap between security theory and coding practices.
Abstract
The Java platform and its third-party libraries provide useful features to facilitate secure coding. However, misusing them can cost developers time and effort, as well as introduce security vulnerabilities in software. We conducted an empirical study on StackOverflow posts, aiming to understand developers' concerns on Java secure coding, their programming obstacles, and insecure coding practices.