1.Jie Ren, Richard N. Tayl, "A Secure Software Architecture Description Language," University of California, California 2005.
2.Bruce Potter,G. McGraw,Booz Allen Hamilton, "Software Security Testing," IEEE COMPUTER SOCIETY, vol. 04, pp. 32-36, 2004.
3.賴森堂, "以量測為基礎的軟體安全風險改善作業," 創新與管理, vol. 5, pp. 83-100, 3月 2008.4.徐濟世、洪庭啟, "以本體論為基礎之案例推理系統之研究:以旅遊行程推薦為例," 管理與資訊學報, vol. 9, pp. 31-61, 2004.5.維基百科. (2010, 9月3日). 本體論 (維基媒體基金會 ed.). Available: http://en.wikipedia.org/wiki/Ontology
6.Yair Wand,Ron Weber, Ontology I: The Furniture of the WorldThe furniture of the world ,vol. 3. Boston: Reidel 1977.
7.Yair Wand,Ron Weber, "An Ontological Model of an Information System," IEEE, vol. 16, pp. 1282-1292, 1990.
8.Robert Neches,Richard Fikes, Tim Finin, Thomas Gruber,Ramesh Patil, Ted Senator,William R. Swartout. (1991, FALL) Enabling technology for knowledge sharing. AI [Magazine]. 36-56.
9.Thomas R. Gruber, "A Translation Approach to Portable Ontology Specifications," Stanford University, California, Technical Report KSL 92-71, Revised April 1993.
10.Wielinga,Schreiber, "Reusable and sharable knowledge bases: a European perspective," presented at the In Proceeding of proceedings of first International conference on building and sharing of very large-scaled knowledge bases, Tokyo, Japan, 1993.
11.Alberts, L.K., "YMIR: an ontology for engineering design," Doctoral thesis, University of Twente, Netherlands, 1993.
12.Nicola Guarino, "Formal Ontology, Conceptual Analysis and Knowledge Representation," International Journal of Human-Computer Studies, vol. 43, pp. 625-640, 1995.
13.Nicola Guarino , Pierdaniele Giaretta "Ontologies and Knowledge Bases - Towards a Terminological Clarification " In Towards Very Large Knowledge Bases pp. 25-32, 1995.
14.Guus Schreiber Bob , Bob Wielinga , Wouter Jansweijer , Wouter Jansweijer, "The KACTUS View on the 'O' Word," presented at the IJCAI Workshop on Basic Ontological Issues in Knowledge Sharing, Netherlands, 1995.
15.Amaia Bernaras, Iñaki Laresgoiti, Jose Manuel Corera, "Building and Reusing Ontologies for Electrical Network Applications," 12th European Conference on Artificial Intelligence, pp. 298-302, 8,1996.
16.Ramesh Patil ,Kevin Knight,Tom Russ, "Toward Distributed Use of Large-Scale Ontologies," presented at the Ontological engineering, AAAI-97 Spring symposium series, California, 1997.
17.Borst,Willem Nico, "Construction of engineering ontologies for knowledge sharing and reuse," PhD Thesis, College van Promoties, Netherlands, 1997.
18.G . VAN H EIJST , A . T H . S CHREIBER , B . J . W IELINGA, "Using explicit ontologies in KBS development," Human – Computer Studies, vol. 45, pp. 183-292, 1997.
19.Rudi Studer, V. Richard Benjamins, and Dieter Fensel, "Knowledge engineering : principles and methods," Data and knowledge engineering, pp. 161-197, 1998.
20.Nicola Guarino, "Formal Ontology and Information Systems," IOS Press, Trento, Italy,6-8 June 1998.
21.William , Austin Swartout, "Guest Editors' Introduction:Ontologies," IEEE Intelligent Systems, vol. 14, pp. 18-19, Jan/Feb 1999.
22.B.Chandrasekaran ,John R. Josephson, "What are ontologies, and why do we need them?," IEEE Intelligent Systems, pp. 20-25, Jan/Feb 1999.
23.Steffen Staab, Hans-Peter Schnurr, Rudi Studer, York Sure, "Knowledge Processes and Ontologies," IEEE Intelligent Systems, pp. 2-10, November 29, 2000.
24.Dagobert Soergel, "Thesauri and ontologies in digital libraries Tutorial," presented at the joint conference on digital libraries Roanoke, VA, USA., 2001.
25.Chandrasekaran,Benjamins, "What are ontologies, and why do we need them?," IEEE Intelligent systems, pp. 20-25, January/February 1999.
26.Michael Denny. (2002, 11,6). Ontology Building:A Survey of Editing Tools. Available: http://www.xml.com/pub/a/2002/11/06/ontologies.html?page=1
27.Biplab K. Sarker, Peter Wallace and Will Gill, "Some Observations on Mind Map and Ontology Building Tools for Knowledge Management," Research & Development, Innovatia Inc, Canada2007.
28.Deborah L. McGuinness 、Frank van Harmelen. (2004), OWL Web Ontology Language Overview (3 ed.) [web]. Available: http://www.w3.org/TR/owl-features/
29.W3C. (2001) DAML+OIL,Reference Description. Available: http://www.w3.org/TR/daml+oil-reference
30.葉建宏, "以OWL輔助UML工具在軟體開發的應用," 碩士, 資訊管理學系, 元智大學, 桃園, 2005.31.Grigoris Antoniou,Frank van Harmelen, A Semantic Web Primer, The MIT Press, 2004.
32.Tim Berners-Lee, James Hendler and Ora Lassila, "The Semantic Web," Scientific American, pp. 34-43, May 17, 2001.
33.張体首,蔡明, "語義搜索引擎概念模型," 微電子學與計算機, vol. 24, pp. 171-174, 2007.
34.Dragan Djuric, "MDA-based Ontology Infrastructure," Computer Science and Information Systems, vol. 1, pp. 91-116, February 2004.
35.何海芸,袁春風, "基於Ontology的領域知識構建技術綜述," 計算機應用研究, vol. 第3期, pp. 14-18, 2005.
36.邢彬彬,姚鄭, "CMM/CMMI與軟件生命周期模型關係的研究," 計算機應用研究, vol. 24, pp. 65-69, 11月 2007.
37.傅潔瑩. (2007, 09.20). 軟體發展的生命週期. 台灣大學電子報 [電子報]. 第0002期.
38.李允中, 軟體工程, 初版 ed. vol. 340. 台灣: 美商麥格羅.希爾, 2009.
39.Gary McGraw, Cigital, Software Security : Building Security In, E ed.: Addison-Wesley, 2006.
40.吳明蔚、黃耀文、游堯忠、陳勇君、邱華明、侯望倫、鍾榮翰, "97年度Web 應用程式安全參考指引V.2," 行政院研究發展考核委員會, 台北 ICST-C-008, 3月 2009.
41.Carl E. Landwehr et al., "A Taxonomy of Computer Program Security Flaws," ACM Computing Surveys, vol. 26, pp. 211-254, September 1994.
42.Edward G. Amoroso, Fundamentals of Computer Security Technology. USA: Prentice-Hall, Inc, 1994.
43.杜經農、盧炎生, "1種Web軟件安全漏洞分類方法," 計算機工程與應用, vol. 25, pp. 10-14, 6/18 2009.
44.Dave Wichers. (2010, 4,19). OWASP Top 10 - 2010 (OWASP ed.) [Report].
45.Chris Shiflett, Essential PHP Security. USA: O'Reilly Media, Inc., 2005.
46.Thomas Myer, "Locking down your PHP applications," IBM, Texas,2006.
47.J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Andy Wigley, "How To: Prevent Cross-Site Scripting in ASP.NET," Microsoft Corporation,2005.
48.J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Andy Wigley, "How To: Protect From SQL Injection in ASP.NET," Microsoft Corporation,2005.
49.OWASP. (2008) Preventing SQL Injection in Java. Available: https://www.owasp.org/index.php/Preventing_SQL_Injection_in_Java
50.Dave Wichers.(2011) SQL Injection Prevention Cheat Sheet. Available: http://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet
51.Gonn. (2010) 如何編寫安全的PHP代碼. Available: http://www.nowamagic.net/php/php_HowToWriteSafePhpCode.php
52.JieNet. (2008) 防止SQL 注入攻擊. Available: http://www.cnblogs.com/JieNet/archive/2008/05/30/1210654.html
53.Jimmy Yu Yu. (2009) 防止跨網站(XSS)指令碼攻擊. Available: http://www.dotblogs.com.tw/jimmyyu/archive/2009/04/21/8118.aspx
54.李明儒. (2006, 12) ASP.NET防駭指南. RUN!PC [網頁技術]. 125.
55.游昇峰、姚辰旻、傅雅萍. (2010) 如何在ASP.NET網站應用程式中防範XSS的弱點. Available: http://knowledge.twisc.ntust.edu.tw/doku.php
56.褚誠雲. (2009) 跨站腳本XSS. Available: http://huaidan.org/archives/3181.html
57.Learning Note. (2007) [$_SERVER['PHP_SELF']跨站腳本攻擊. Available: http://alphalins.blogspot.com/2007/11/serverphpself.html
58.黑暗執行緒. (2009) 小心Eval潛藏XSS漏洞. Available: http://blog.darkthread.net/post-2008-06-19-eval-xss.aspx
59.中國網管聯盟. (2010) 怎麼預防SQL Injection 漏洞利用攻擊. Available: http://www.bitscn.com/network/protect/201004/184369_4.html
60.程裕繁、袁亦強、張雅惠、宋坤昌, "小型組織網際網路圖書管理資訊系統2.0," in 96年度全國校園軟體設計創意競賽, 修平技術學院, Ed., ed. 台北: 教育部, 2007.
61.游象甫、林聖雄、邱坤煒、莊詠筌、陳威傑, "跨校聯合招生特色的碩士班甄試入學網路報名系統," in 96年度全國校園軟體設計創意競賽得獎作品, 台北教育大學, Ed., 1 ed. 台北: 教育部, 2007.
62.廖文忠、陳渝琳、黃儷文、羅雅芳, "Moodle線上課輔會談與預約模組的建置-整合DimDim、Google Calendar之應用," in 98年度全國校園軟體設計創意競賽得獎作品, 勤益科技大學, Ed., ed. 台北: 教育部, 98.