References

References (McConnell 2004) McConnell, Steve. Code Complete, 2d ed. Redmond, WA: Microsoft Press, 2004. (TCAAB 2003) Microsoft Corporation. "Microsoft Convenes Trustworthy Computing Academic Advisory Board," http://www.microsoft.com/presspass/press/2003/Feb03/02-20TWCAABPR.mspx. February 2003. (Howard and LeBlanc 2003) Howard, Michael, and David LeBlanc. Writing Secure Code, 2nd ed. Redmond, WA: Microsoft Press, 2003. (Swiderski and Snyder 2004) Swiderski, Frank, and Window Snyder. Threat Modeling. Redmond, WA: Microsoft Press, 2004. (Torr 2005) Torr, Peter. "Guerrilla Threat Modelling (or 'Threat Modeling' if you're American)," http://blogs.msdn.com/ptorr/archive/2005/02/22/GuerillaThreatModelling.aspx. February 2005. (UC Berkeley 2005) Yang, Sarah, University of California, Berkeley. "Researchers recover typed text using audio recording of keystrokes," http://www.berkeley.edu/news/media/releases/2005/09/14_key.shtml. September 2005. (Pet Shop 2006) Leake, Gregory, Microsoft Corporation. "Microsoft .NET Pet Shop 4: Migrating an ASP.NET 1.1 Application to 2.0," http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/bdasamppet4.asp. MSDN, February 2006. (Kozar 1997) Kozar, Kenneth A. "The Technique of Data Flow Diagramming," http://spot.colorado.edu/~kozar/DFDtechnique.html. 1997. (Sauter 2002) Sauter, Vicki, University of Missouri, St. Louis. "Data Flow Diagrams," http://www.umsl.edu/~sauter/analysis/dfd/dfd_intro.html. September 2002. (Drewry 2005) Drewry, Tony. "Data Flow Diagrams," http://www.cems.uwe.ac.uk/~tdrewry/dfds.htm. October 2005. (Ambler 2006) Ambler, Scott W. "Data Flow Diagrams (DFDs)," http://www.agilemodeling.com/artifacts/dataFlowDiagram.htm. April 2006. (DFD 2006) "Data Flow Diagrams - Free Online Tutorial & Download," http://www.data-flow-diagrams.com/. (Yourdon 2006) Yourdon, Ed. Just Enough Structured Analysis project. Chapter 9, "Data Flow Diagrams," http://www.yourdon.com/strucanalysis/chapters/ch9.html. (Ellison 2000) Ellison, Carl. "Non-repudiation," http://world.std.com/~cme/non-repudiation.htm. (CERT 2003) Carnegie Mellon Software Engineering Institute, CERT Coordination Center. "CERT Advisory CA-2003-02 Double-Free Bug in CVS Server," http://www.cert.org/advisories/CA-2003-02.html. January 2003. (Silicon 2003) Lemos, Robert. "Linux kernel suffers Trojan horse hack," http://software.silicon.com/os/0,39024651,39116796,00.htm. November 2003. (CVE-2005-1974) Common Vulnerabilities and Exposures. Java Web Start Untrusted Application Privilege Escalation, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1974. (CVE-2005-1160) Common Vulnerabilities and Exposures. Firefox/Mozilla Chrome UI DOM Property Override Privilege Escalation, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1160. (CVE-2005-0054) Common Vulnerabilities and Exposures. URL Decoding Zone Spoofing Vulnerability in Internet Explorer, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0054. (Viega and McGraw 2001) Viega, John, and Gary McGraw. Building Secure Software: How to Avoid Security Problems the Right Way. Reading, MA: Addison-Wesley Publishing Co., 2001. (Ferguson and Schneier 2003) Ferguson, Niels, and Bruce Schneier. Practical Cryptography. New York, NY: John Wiley & Sons, 2003. (Howard and LeBlanc 2003) Howard, Michael, and David LeBlanc. Writing Secure Code, 2nd ed. Redmond, WA: Microsoft Press, 2003. (Stewart 1964) Stewart, Potter. http://en.wikiquote.org/wiki/Potter_Stewart.