{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T21:57:20Z","timestamp":1776203840156,"version":"3.50.1"},"reference-count":39,"publisher":"Informa UK Limited","issue":"2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["International Journal of Electronic Commerce"],"published-print":{"date-parts":[[2009,12]]},"DOI":"10.2753\/jec1086-4415140201","type":"journal-article","created":{"date-parts":[[2010,1,15]],"date-time":"2010-01-15T03:23:54Z","timestamp":1263525834000},"page":"7-40","source":"Crossref","is-referenced-by-count":16,"title":["An Economic Analysis of the Software Market with a Risk-Sharing Mechanism"],"prefix":"10.1080","volume":"14","author":[{"given":"Byung Cho","family":"Kim","sequence":"first","affiliation":[{"name":"a Pamplin College of Business, Virginia Polytechnic Institute, State University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pei-yu","family":"Chen","sequence":"additional","affiliation":[{"name":"b Fox School of Business, Temple University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tridas","family":"Mukhopadhyay","sequence":"additional","affiliation":[{"name":"c Carnegie Mellon University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"301","published-online":{"date-parts":[[2014,12,8]]},"reference":[{"key":"1","first-page":"358","article-title":"Why information security is hard\u2014An economic perspective","author":"R. Anderson","year":"2001"},{"issue":"3","key":"2","doi-asserted-by":"crossref","first-page":"465","DOI":"10.1287\/mnsc.1050.0440","article-title":"Sell first, fix later: Impact of patching on software quality","volume":"52","author":"A. Arora","year":"2006","journal-title":"Management Science"},{"issue":"4","key":"3","doi-asserted-by":"crossref","first-page":"642","DOI":"10.1287\/mnsc.1070.0771","article-title":"Optimal policy for software vulnerability disclosure","volume":"54","author":"A. Arora","year":"2007","journal-title":"Management Science"},{"issue":"11","key":"4","doi-asserted-by":"crossref","first-page":"1703","DOI":"10.1287\/mnsc.1060.0568","article-title":"Network software security and user incentives","volume":"52","author":"T. August","year":"2006","journal-title":"Management Science"},{"issue":"1","key":"5","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1287\/isre.1070.0142","article-title":"Let the pirates patch? An economic analysis of software security patch restrictions","volume":"19","author":"T. August","year":"2008","journal-title":"Information Systems Research"},{"issue":"3","key":"6","first-page":"350","article-title":"Weak invisible hand theorems on the sustainability of multiproduct natural monopoly","volume":"67","author":"W. Baumol","year":"1977","journal-title":"American Economic Review"},{"issue":"3","key":"7","doi-asserted-by":"crossref","first-page":"115","DOI":"10.2753\/JEC1086-4415120306","article-title":"A privacy-protecting business-analytics service for on-line transactions","volume":"12","author":"B. Berendt","year":"2008","journal-title":"International Journal of Electronic Commerce"},{"issue":"4","key":"8","doi-asserted-by":"crossref","first-page":"657","DOI":"10.1287\/mnsc.1070.0794","article-title":"Security patch management: Share the burden or share the damage","volume":"54","author":"H. Cavusoglu","year":"2008","journal-title":"Management Science"},{"issue":"1","key":"9","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1080\/10864415.2004.11044320","article-title":"The effect of Internet security breach announcements on market value: Capital market reactions for breached firms and Internet security developers","volume":"9","author":"H. Cavusoglu","year":"2004","journal-title":"International Journal of Electronic Commerce"},{"issue":"2","key":"10","doi-asserted-by":"crossref","first-page":"281","DOI":"10.2753\/MIS0742-1222250211","article-title":"Decision-theoretic and game-theoretic approaches to IT security investment","volume":"25","author":"H. Cavusoglu","year":"2008","journal-title":"Journal of Management Information Systems"},{"issue":"3","key":"11","doi-asserted-by":"crossref","first-page":"193","DOI":"10.2753\/MIS0742-1222240307","article-title":"An economic model of privacy: A property rights approach to regulatory choices for online personalization","volume":"24","author":"R. Chellappa","year":"2007-8","journal-title":"Journal of Management Information Systems"},{"issue":"2","key":"12","doi-asserted-by":"crossref","first-page":"7","DOI":"10.2753\/JEC1086-4415100201","article-title":"Internet privacy concerns and social awareness as determinants of intention to transact","volume":"10","author":"T. Dinev","year":"2005-6","journal-title":"International Journal of Electronic Commerce"},{"issue":"7","key":"13","doi-asserted-by":"crossref","first-page":"1057","DOI":"10.1287\/mnsc.1060.0549","article-title":"Two-sided competition of proprietary vs. open implications for the software industry","volume":"52","author":"N. Economides","year":"2006","journal-title":"Management Science"},{"key":"14","unstructured":"<i>Economist.<\/i> Microsoft at the power point. September 11, 2003."},{"key":"15","first-page":"1","article-title":"Contracts getting tough on security","author":"D. Fisher","year":"2002","journal-title":"eWeek"},{"key":"16","article-title":"Causes and remedies for social acceptance of network insecurity","author":"M. Fisk","year":"2002"},{"key":"17","unstructured":"Harmon, A. Digital vandalism spurs a call for oversight. <i>New York Times<\/i>, September 1, 2003 <a target=\"_blank\" href='http:\/\/www.nytimes.com\/2003\/09\/01\/technology\/01NET.html?ex=1063339200&en=6c9adcbdd0cb5f11&ei=5070'>www.nytimes.com\/2003\/09\/01\/technology\/01NET.html?ex=1063339200&en=6c9adcbdd0cb5f11&ei=5070<\/a>"},{"issue":"1","key":"18","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1109\/MSECP.2003.1203443","article-title":"Two views on security software liability: Using the right legal tools","volume":"1","author":"C. Heckman","year":"2003","journal-title":"IEEE Security & Privacy"},{"key":"19","unstructured":"Jones, R., and Mendelson, H. Product and price competition for information goods. Technical Report, Stanford University, 1998."},{"issue":"5","key":"20","doi-asserted-by":"crossref","first-page":"726","DOI":"10.1287\/mnsc.1040.0357","article-title":"Market for software vulnerabilities? Think again","volume":"51","author":"K. Kannan","year":"2005","journal-title":"Management Science"},{"key":"21","unstructured":"Markoff, J. Microsoft programmers hit the books in a new focus on secure software. <i>New York Times<\/i>, April 8, 2002 <a target=\"_blank\" href='http:\/\/www.nytimes.com\/2002\/04\/08\/business\/microsoft-programmers-hit-the-books-in-a-new-focus-on-secure-software.html'>www.nytimes.com\/2002\/04\/08\/business\/microsoft-programmers-hit-the-books-in-a-new-focus-on-secure-software.html<\/a>"},{"key":"22","unstructured":"Morgenthaler, G. Apple's OS edge is a threat to Microsoft. <i>Business Week<\/i>, April 11, 2008 <a target=\"_blank\" href='http:\/\/www.businessweek.com\/technology\/content\/apr2008\/tc20080410_206881.htm'>www.businessweek.com\/technology\/content\/apr2008\/tc20080410_206881.htm<\/a>"},{"issue":"2","key":"23","doi-asserted-by":"crossref","first-page":"301","DOI":"10.1016\/0022-0531(78)90085-6","article-title":"Monopoly and product quality","volume":"18","author":"M. Mussa","year":"1978","journal-title":"Journal of Economic Theory"},{"key":"24","unstructured":"National Research Council. <i>Computers at Risk: Safe Computing in the Information Age.<\/i> Washington, DC: National Academy Press, 1991."},{"key":"25","unstructured":"Orszag, P.R. Critical infrastructure protection and the private sector: The crucial role of incentives. Brookings Institution, Washington, DC, September 4, 2003 <a target=\"_blank\" href='http:\/\/www.brookings.edu\/testimony\/2003\/0904_homelandsecurity_orszag.aspx'>www.brookings.edu\/testimony\/2003\/0904_homelandsecurity_orszag.aspx<\/a>"},{"key":"26","unstructured":"Richardson, R. <i>CSI Survey 2007: The 12th Annual Computer Crime and Security Survey.<\/i> Computer Security Institute, 2007, available at <a target=\"_blank\" href='http:\/\/www.gocsi.com\/forms\/csi_survey.jhtml'>www.gocsi.com\/forms\/csi_survey.jhtml<\/a>"},{"issue":"4","key":"27","doi-asserted-by":"crossref","first-page":"490","DOI":"10.2307\/2600984","article-title":"Minimum quality standards, fixed costs, and competition","volume":"22","author":"U. Ronnen","year":"1991","journal-title":"RAND Journal of Economics"},{"issue":"1","key":"28","doi-asserted-by":"crossref","first-page":"70","DOI":"10.1109\/MSECP.2003.1176999","article-title":"Two views on security software liability: Let the legal system decide","volume":"1","author":"D. Ryan","year":"2003","journal-title":"IEEE Security & Privacy"},{"key":"29","unstructured":"Schneier, B. Information security: How liable should vendors be? <i>Computer World<\/i> (October 28, 2004) <a target=\"_blank\" href='http:\/\/www.computerworld.com\/s\/article\/96948\/Information_security_How_liable_should_vendors_be_?taxonomyId=017&SKC=security-96948'>www.computerworld.com\/s\/article\/96948\/Information_security_How_liable_should_vendors_be_?taxonomyId=017&SKC=security-96948<\/a>"},{"key":"30","unstructured":"Schneier, B. Do federal security regulations help? <i>Information Security<\/i> (November 2006) <a target=\"_blank\" href='http:\/\/searchsecurity.techtarget.com\/magazineFeature\/0,296894,sid14_gci1256971,00.html'>http:\/\/searchsecurity.techtarget.com\/magazineFeature\/0,296894,sid14_gci1256971,00.html<\/a>"},{"issue":"2","key":"31","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1145\/503345.503348","article-title":"Five dimensions of information security awareness","volume":"31","author":"M. Siponen","year":"2001","journal-title":"ACM SIG CAS Computers and Society"},{"issue":"2","key":"32","doi-asserted-by":"crossref","first-page":"417","DOI":"10.2307\/3003237","article-title":"Monopoly, quality, and regulation","volume":"6","author":"M. Spence","year":"1975","journal-title":"Bell Journal of Economics"},{"issue":"3","key":"33","doi-asserted-by":"crossref","first-page":"561","DOI":"10.2307\/2296908","article-title":"Consumer misperceptions, product failure and producer liability","volume":"44","author":"M. Spence","year":"1977","journal-title":"Review of Economic Studies"},{"issue":"12","key":"34","doi-asserted-by":"crossref","first-page":"1660","DOI":"10.1287\/mnsc.1040.0291","article-title":"Nonlinear pricing of information goods","volume":"50","author":"A. Sundararajan","year":"2004","journal-title":"Management Science"},{"issue":"4","key":"35","doi-asserted-by":"crossref","first-page":"153","DOI":"10.2753\/MIS0742-1222240406","article-title":"Gaining trust through online privacy protection: Self-regulation, mandatory standards, or caveat emptor","volume":"24","author":"Z. Tang","year":"2008","journal-title":"Journal of Management Information Systems"},{"issue":"8","key":"36","doi-asserted-by":"crossref","first-page":"544","DOI":"10.1109\/TSE.2007.70712","article-title":"An empirical analysis of the impact of software vulnerability announcements on firm stock price","volume":"33","author":"R. Telang","year":"2007","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"2","key":"37","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1080\/07421222.2004.11045805","article-title":"The market structure for Internet search engines","volume":"21","author":"R. Telang","year":"2004","journal-title":"Journal of Management Information Systems"},{"key":"38","unstructured":"Varian, H.R. Managing online security risks. <i>New York Times<\/i>, June 1, 2000 <a target=\"_blank\" href='http:\/\/www.nytimes.com\/library\/financial\/columns\/060100econ-scene.html'>www.nytimes.com\/library\/financial\/columns\/060100econ-scene.html<\/a>"},{"key":"39","volume-title":"Economics of information technology. Remarks delivered as the Mattioli Lecture","author":"H. Varian","year":"2001"}],"container-title":["International Journal of Electronic Commerce"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.tandfonline.com\/doi\/pdf\/10.2753\/JEC1086-4415140201","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,2,25]],"date-time":"2019-02-25T18:20:36Z","timestamp":1551118836000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.tandfonline.com\/doi\/full\/10.2753\/JEC1086-4415140201"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,12]]},"references-count":39,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2014,12,8]]},"published-print":{"date-parts":[[2009,12]]}},"alternative-id":["10.2753\/JEC1086-4415140201"],"URL":"https:\/\/doi.org\/10.2753\/jec1086-4415140201","relation":{},"ISSN":["1086-4415","1557-9301"],"issn-type":[{"value":"1086-4415","type":"print"},{"value":"1557-9301","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009,12]]}}}