{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T23:12:28Z","timestamp":1769728348978,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642252822","type":"print"},{"value":"9783642252839","type":"electronic"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-25283-9_23","type":"book-chapter","created":{"date-parts":[[2011,11,17]],"date-time":"2011-11-17T16:31:18Z","timestamp":1321547478000},"page":"346-360","source":"Crossref","is-referenced-by-count":1,"title":["Software, Vendors and Reputation: An Analysis of the Dilemma in Creating Secure Software"],"prefix":"10.1007","author":[{"given":"Craig S.","family":"Wright","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"issue":"1","key":"23_CR1","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MSP.2005.12","volume":"3","author":"A. Arora","year":"2005","unstructured":"Arora, A., Telang, R.: Economics of Software Vulnerability Disclosure. IEEE Security and Privacy\u00a03(1), 20\u201325 (2005)","journal-title":"IEEE Security and Privacy"},{"key":"23_CR2","unstructured":"Arora, A., Telang, R., Xu, H.: Optimal Time Disclosure of Software Vulnerabilities. In: Conference on Information Systems and Technology, Denver CO (October 23-24, 2004)"},{"issue":"4","key":"23_CR3","doi-asserted-by":"publisher","first-page":"642","DOI":"10.1287\/mnsc.1070.0771","volume":"54","author":"A. Arora","year":"2008","unstructured":"Arora, A., Telang, R., Xu, H.: Optimal Policy for Software Vulnerability Disclosure. Management Science\u00a054(4), 642\u2013656 (2008)","journal-title":"Management Science"},{"key":"23_CR4","doi-asserted-by":"crossref","unstructured":"Bacon, D.F., Chen, Y., Parkes, D., Rao, M.: A market-based approach to software evolution. Paper presented at the Proceeding of the 24th ACM SIGPLAN Conference Companion on Object Oriented Programming Systems Languages and Applications (2009)","DOI":"10.1145\/1639950.1640066"},{"key":"23_CR5","doi-asserted-by":"crossref","unstructured":"Beach, J.R., Bonewell, M.L.: Setting-up a successful software vendor evaluation\/qualification process for \u2018off-the-shelve\u2019 commercial software used in medical devices. In: Proceedings of Sixth Annual IEEE Symposium on Paper presented at the Computer-Based Medical Systems (1993)","DOI":"10.1109\/CBMS.1993.263005"},{"key":"23_CR6","volume-title":"The Mythical Man-Month","author":"F. Brookes","year":"1995","unstructured":"Brookes, F.: The Mythical Man-Month. Addison-Wesley, Reading (1995)"},{"key":"23_CR7","doi-asserted-by":"publisher","first-page":"677","DOI":"10.1109\/32.317426","volume":"20","author":"S. Campodonico","year":"1994","unstructured":"Campodonico, S.: A Bayesian Analysis of the Logarithmic-Poisson Execution Time Model Based on Expert Opinion and Failure Data. IEEE Transactions on Software Engineering\u00a020, 677\u2013683 (1994)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"23_CR8","unstructured":"Cavusoglu, H., Cavusoglu, H., Zhang, J.: Economics of Security Patch Management. In: The Fifth Workshop on the Economics of Information Security, WEIS 2006 (2006)"},{"key":"23_CR9","unstructured":"Cohen, J.: Best Kept Secrets of Peer Code Review (Modern Approach. Practical Advice). Smartbearsoftware.com (2006)"},{"key":"23_CR10","unstructured":"de Villiers, M.: Free Radicals in Cyberspace, Complex Issues in Information Warefare. 4 Nw. J. Tech. & Intell. Prop. 13 (2005), http:\/\/www.law.northwestern.edu\/journals\/njtip\/v4\/n1\/2"},{"key":"23_CR11","first-page":"1","volume-title":"Notes on structured programming Structured programming, ch. I","author":"E.W. Dijkstra","year":"1972","unstructured":"Dijkstra, E.W.: Notes on structured programming Structured programming, ch. I, pp. 1\u201382. Academic Press Ltd., London (1972)"},{"key":"23_CR12","doi-asserted-by":"crossref","unstructured":"Kannan, K., Telang, R.: Market for Software Vulnerabilities? Think Again. Management Science (2004)","DOI":"10.1287\/mnsc.1040.0357"},{"key":"23_CR13","volume-title":"Debugging Techniques in Large Systems","author":"H.D. Mills","year":"1971","unstructured":"Mills, H.D.: Top-down programming in large systems. In: Rustin, R. (ed.) Debugging Techniques in Large Systems. Englewoods Cliffs, Prentice-Hall, N.J (1971)"},{"key":"23_CR14","unstructured":"Murphy, R., Regnery, P.: The Politically Incorrect Guide to the Great Depression and the New Deal (2009)"},{"key":"23_CR15","volume-title":"Algorithmic Game Theory","year":"2007","unstructured":"Nissan, N., Roughgarden, T., Tardos, E., Vazirani, V. (eds.): Algorithmic Game Theory. Cambridge University Press, Cambridge (2007), P14, Pricing Game; P24, Algorithm for a simple market; P639 Information Asymmetry"},{"key":"23_CR16","unstructured":"Nizovtsev, D., Thursby, M.: Economic analysis of incentives to disclose software vulnerabilities. In: Fourth Workshop on the Economics of Information Security (2005)"},{"key":"23_CR17","unstructured":"Ounce Labs, 2, http:\/\/www.ouncelabs.com\/about\/news\/337-the_cost_of_fixing_an_application_vulnerability"},{"key":"23_CR18","unstructured":"Ozment, A.: Bug auctions: Vulnerability markets reconsidered. In: Third Workshop on the Economics of Information Security (2004)"},{"key":"23_CR19","volume-title":"Normal Accidents: Living with High-Risk Technologies","author":"C. Perrow","year":"1984","unstructured":"Perrow, C.: Normal Accidents: Living with High-Risk Technologies. Princeton University Press, Princeton (1984\/1999)"},{"key":"23_CR20","doi-asserted-by":"crossref","unstructured":"Telang, R., Wattal, S.: Impact of Software Vulnerability Announcements on the Market Value of Software Vendors \u2013 an Empirical Investigation (2004), http:\/\/www.infosecon.net\/workshop\/pdf\/telang_wattal.pdf","DOI":"10.2139\/ssrn.677427"},{"issue":"2","key":"23_CR21","first-page":"230","volume":"42","author":"A. Turing","year":"1936","unstructured":"Turing, A.: On computable numbers, with an application to the Entscheidungsproblem. Proceedings of the London Mathematical Society\u00a042(2), 230\u2013265 (1936)","journal-title":"Proceedings of the London Mathematical Society"},{"issue":"5","key":"23_CR22","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1002\/smj.4250090505","volume":"9","author":"K. Weigelt","year":"1988","unstructured":"Weigelt, K., Camerer, C.: Reputation and Corporate Strategy: A Review of Recent Theory and Applications. Strategic Management Journal\u00a09(5), 443\u2013454 (1988)","journal-title":"Strategic Management Journal"},{"key":"23_CR23","unstructured":"Donald, D.: Economic Foundations of Law and Organization (2006)"}],"container-title":["Lecture Notes in Computer Science","Trusted Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-25283-9_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,19]],"date-time":"2019-06-19T18:49:33Z","timestamp":1560970173000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-25283-9_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642252822","9783642252839"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-25283-9_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011]]}}}