An economic analysis of the software market with a risk-sharing contract

Byung Cho Kim, Pei-yu Chen, Tridas Mukhopadhyay

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Low quality of software has been blamed for poor security of our computer networks as major viruses and worms exploit the vulnerabilities of such software. However, software vendors have no incentive to improve the quality of their products since they are not directly liable for any loss due to poor quality. Software liability has been intensely discussed among computer scientists and jurists for years as a possible solution for software quality improvement. This paper proposes a risk-sharing mechanism between software vendors and customers as a market-driven method to impose software liability. We consider two dimensions of software quality: functionality and security quality. We present an economic model of the software market with a risk-sharing mechanism, which takes into account the strategic interplay of risk-sharing and security quality of the software given a certain level of functionality. We then apply this model in different scenarios, and examine the implications of the risk-sharing mechanism in the context of cyber security. Our model provides evidence of under-provided security quality of software in the monopoly case, as has been observed in the market. We consider the feasibility and effectiveness of the risk-sharing mechanism under various scenarios, and find the conditions under which the proposed mechanism is promising.

Original languageEnglish (US)
Title of host publicationAssociation for Information Systems - 26th International Conference on Information Systems, ICIS 2005: Forever New Frontiers
Pages361-366
Number of pages6
StatePublished - 2005
Externally publishedYes
Event26th International Conference on Information Systems, ICIS 2005 - Las Vegas, NV, United States
Duration: Dec 11 2005Dec 14 2005

Other

Other26th International Conference on Information Systems, ICIS 2005
CountryUnited States
CityLas Vegas, NV
Period12/11/0512/14/05

Keywords

  • Cyber security
  • Risk-sharing
  • Software quality

ASJC Scopus subject areas

  • Computer Science Applications
  • Statistics, Probability and Uncertainty
  • Applied Mathematics
  • Library and Information Sciences

Fingerprint Dive into the research topics of 'An economic analysis of the software market with a risk-sharing contract'. Together they form a unique fingerprint.

  • Cite this

    Kim, B. C., Chen, P., & Mukhopadhyay, T. (2005). An economic analysis of the software market with a risk-sharing contract. In Association for Information Systems - 26th International Conference on Information Systems, ICIS 2005: Forever New Frontiers (pp. 361-366)