About the Open Web Application Security Project
Identity, authentication key to Web services security
OWASP Guide to Building Secure Web Applications and Web Services, Chapter 13: Interpreter Injection
OWASP Guide to Building Secure Web Applications and Web Services, Chapter 11: Session Management
OWASP Guide to Building Secure Web Applications and Web Services, Chapter 17: Buffer Overflows