Access

You are not currently logged in.

Access your personal account or get JSTOR access through your library or other institution:

login

Log in to your personal account or through your institution.

Network Software Security and User Incentives

Terrence August and Tunay I. Tunca
Management Science
Vol. 52, No. 11 (Nov., 2006), pp. 1703-1720
Published by: INFORMS
Stable URL: http://www.jstor.org/stable/20110643
Page Count: 18
  • Download ($30.00)
  • Cite this Item
Network Software Security and User Incentives
Preview not available

Abstract

We study the effect of user incentives on software security in a network of individual users under costly patching and negative network security externalities. For proprietary software or freeware, we compare four alternative policies to manage network security: (i) consumer self-patching (where no external incentives are provided for patching or purchasing); (ii) mandatory patching; (iii) patching rebate; and (iv) usage tax. We show that for proprietary software, when the software security risk and the patching costs are high, for both a welfare-maximizing social planner and a profit-maximizing vendor, a patching rebate dominates the other policies. However, when the patching cost or the security risk is low, self-patching is best. We also show that when a rebate is effective, the profit-maximizing rebate is decreasing in the security risk and increasing in patching costs. The welfare-maximizing rebates are also increasing in patching costs, but can be increasing in the effective security risk when patching costs are high. For freeware, a usage tax is the most effective policy except when both patching costs, and security risk are low, in which case a patching rebate prevails. Optimal patching rebates and taxes tend to increase with increased security risk and patching costs, but can decrease in the security risk for high-risk levels. Our results suggest that both the value generated from software and vendor profits can be significantly improved by mechanisms that target user incentives to maintain software security.

Page Thumbnails

  • Thumbnail: Page 
1703
    1703
  • Thumbnail: Page 
1704
    1704
  • Thumbnail: Page 
1705
    1705
  • Thumbnail: Page 
1706
    1706
  • Thumbnail: Page 
1707
    1707
  • Thumbnail: Page 
1708
    1708
  • Thumbnail: Page 
1709
    1709
  • Thumbnail: Page 
1710
    1710
  • Thumbnail: Page 
1711
    1711
  • Thumbnail: Page 
1712
    1712
  • Thumbnail: Page 
1713
    1713
  • Thumbnail: Page 
1714
    1714
  • Thumbnail: Page 
1715
    1715
  • Thumbnail: Page 
1716
    1716
  • Thumbnail: Page 
1717
    1717
  • Thumbnail: Page 
1718
    1718
  • Thumbnail: Page 
1719
    1719
  • Thumbnail: Page 
1720
    1720