Network security and contagion, Journal of Economic Theory, vol.166, pp.536-585, 2016. ,
Reputation and product quality, The RAND Journal of Economics, pp.311-327, 1984. ,
Why cryptosystems fail, Proceedings of the 1st ACM Conference on Computer and Communications Security, pp.215-227, 1993. ,
Why information security is hard-an economic perspective, Proceedings of the 17th Annual Computer Security Applications Conference, p.358, 2001. ,
Closing the phishing hole-fraud, risk and nonbanks, Federal Reserve Bank of Kansas City-Payment System Research Conferences, pp.41-56, 2007. ,
Security economics and the internal market, 2008. ,
Optimal design of crowdsourcing contests, p.200, 2009. ,
Search engine competition with network externalities, Journal of Competition Law and Economics, vol.8, issue.1, pp.73-105, 2012. ,
Research note-sell first, fix later: Impact of patching on software quality, Management Science, vol.52, issue.3, pp.465-471, 2006. ,
Does information security attack frequency increase with vulnerability disclosure? an empirical analysis, Information Systems Frontiers, vol.8, issue.5, pp.350-362, 2006. ,
Optimal policy for software vulnerability disclosure, Management Science, vol.54, issue.4, pp.642-656, 2008. ,
Competition and patching of security vulnerabilities: An empirical analysis, Information Economics and Policy, 2010. ,
An empirical analysis of software vendors' patch release behavior: impact of vulnerability disclosure, Information Systems Research, 2010. ,
Economic welfare and the allocation of resources for invention, The Rate and Direction of Inventive Activity: Economic and Social Factors, pp.609-626, 1962. ,
Network software security and user incentives, Management Science, vol.52, issue.11, pp.1703-1720, 2006. ,
Who should be responsible for software security? a comparative analysis of liability policies in network environments, Management Science, vol.57, issue.5, pp.934-959, 2011. ,
Cloud implications on software network structure and security risks, Information Systems Research, vol.25, issue.3, pp.489-510, 2014. ,
Analysing the performance of security solutions to reduce vulnerability exposure window, pp.33-42, 2008. ,
Choosing what to protect: Strategic defensive allocation against an unknown attacker, Journal of Public Economic Theory, vol.9, issue.4, pp.563-587, 2007. ,
A comparison of market approaches to software vulnerability disclosure, International Conference on Emerging Trends in Information and Communication Security, pp.298-311, 2006. ,
The iterated weakest link, IEEE Security & Privacy, vol.8, issue.1, pp.53-55, 2010. ,
How to manage outside innovation. MIT Sloan management review, vol.50, p.69, 2009. ,
Incentives and problem uncertainty in innovation contests: An empirical analysis, Management science, vol.57, issue.5, pp.843-863, 2011. ,
The economics of digital business models: A framework for analyzing the economics of platforms, Review of network Economics, vol.6, issue.2, 2007. ,
URL : https://hal.archives-ouvertes.fr/halshs-00169305
Sorting and incentive effects of pay for performance: An experimental investigation, Academy of management journal, vol.50, issue.2, pp.387-405, 2007. ,
Pricing security, Proceedings of the CERT Information Survivability Workshop, pp.31-39, 2000. ,
Relative performance compensation, contests, and dynamic incentives, Management Science, vol.55, issue.8, pp.1306-1320, 2009. ,
Efficiency of vulnerability disclosure mechanisms to disseminate vulnerability knowledge, IEEE Transactions on Software Engineering, vol.33, issue.3, pp.171-185, 2007. ,
Security patch management: Share the burden or share the damage?, Management Science, vol.54, issue.4, pp.657-670, 2008. ,
Open innovation: Researching a new paradigm, 2006. ,
Network security: Vulnerabilities and disclosure policy, The Journal of Industrial Economics, vol.58, issue.4, pp.868-894, 2010. ,
The effects of job standard tightness and compensation scheme on performance: An exploration of linkages, The Accounting Review, vol.58, issue.4, p.667, 1983. ,
State of the field the conceptualization of scientific specialties. The sociological quarterly, vol.17, pp.448-476, 1976. ,
Economic incentives in budgetary control systems, Accounting Review, pp.336-359, 1978. ,
Hacker behavior, network effects, and the security software market, Journal of Management Information Systems, vol.29, issue.2, pp.77-108, 2012. ,
Quality competition and market segmentation in the security software market, Mis Quarterly, vol.38, issue.2, 2014. ,
Performance pay and multidimensional sorting: Productivity, preferences, and gender, American Economic Review, vol.101, issue.2, pp.556-90, 2011. ,
The impact of competition on pricing and quality of legal services, International Review of Law and Economics, vol.9, issue.1, pp.41-56, 1989. ,
Hype and heavy tails: A closer look at data breaches, Journal of Cybersecurity, vol.2, issue.1, pp.3-14, 2016. ,
Performance-pay, sorting and social motivation, Journal of Economic Behavior & Organization, vol.68, issue.2, pp.412-421, 2008. ,
URL : https://hal.archives-ouvertes.fr/halshs-00331753
The relation between individual characteristics and compensation contract selection, Management Accounting Research, vol.34, pp.1-18, 2017. ,
An empirical study of vulnerability rewards programs, Presented as part of the 22nd {USENIX} Security Symposium ({USENIX} Security 13), pp.273-288, 2013. ,
Large-scale vulnerability analysis, pp.131-138, 2006. ,
Auctionin entry into tournaments, Journal of Political Economy, vol.107, issue.3, pp.573-605, 1999. ,
The economic incentives for sharing security information, Information Systems Research, vol.16, issue.2, pp.186-208, 2005. ,
The n-effect: More competitors, less competition, Psychological Science, vol.20, issue.7, pp.871-877, 2009. ,
Industry platforms and ecosystem innovation, Journal of product innovation management, vol.31, issue.3, pp.417-433, 2014. ,
Cyberinsecurity: The cost of monopoly, Computer and Communications Industry Association (CCIA), 2003. ,
The economics of information security investment, ACM Transactions on Information and System Security (TISSEC), vol.5, issue.4, pp.438-457, 2002. ,
The impact of the sarbanesoxley act on the corporate disclosures of information security activities, Journal of Accounting and Public Policy, vol.25, issue.5, pp.503-530, 2006. ,
Information security trade-offs and optimal patching policies, European Journal of Operational Research, vol.216, issue.2, pp.434-444, 2012. ,
In defense of disciplines: Interdisciplinarity and specialization in the research university, 2014. ,
Paying people to lie: The truth about the budgeting process, European Financial Management, vol.9, issue.3, pp.379-406, 2003. ,
Marginality and problem-solving effectiveness in broadcast search, Organization science, vol.21, issue.5, pp.1016-1033, 2010. ,
The effect of competition intensity on software security-an empirical analysis of security patch release on the web browser market, Proceedings of the 16th Annual Workshop on the Economics of Information Security, 2017. ,
Market for software vulnerabilities? think again, Management Science, vol.51, issue.5, pp.726-740, 2005. ,
An economic analysis of the software market with a risk-sharing mechanism, International Journal of Electronic Commerce, vol.14, issue.2, pp.7-40, 2009. ,
The effect of liability and patch release on software security: The monopoly case, vol.20, pp.603-617, 2011. ,
It monoculture security risks and defenses, IEEE Security & Privacy, vol.7, issue.1, pp.12-13, 2009. ,
Attack-prevention and damage-control investments in cybersecurity, Information Economics and Policy, vol.37, pp.42-51, 2016. ,
Performance pay and productivity, American Economic Review, vol.90, issue.5, pp.1346-1361, 2000. ,
The power of incentives, American Economic Review, vol.90, issue.2, pp.410-414, 2000. ,
Crowdsourcing with all-pay auctions: A field experiment on taskcn, Management Science, vol.60, issue.8, pp.2020-2037, 2014. ,
Given enough eyeballs, all bugs are shallow? revisiting eric raymond with bug bounty programs, Journal of Cybersecurity, vol.3, issue.2, pp.81-90, 2017. ,
Competition and product quality in the supermarket industry, The Quarterly Journal of Economics, vol.126, issue.3, pp.1539-1591, 2011. ,
Competition and service quality in the us airline industry, Review of industrial Organization, vol.22, issue.4, pp.275-296, 2003. ,
Exploiting software: How to break code, Invited Talk, Usenix Security Symposium, 2004. ,
Information disclosure and the diffusion of information security attacks, Information Systems Research, vol.26, issue.3, pp.565-584, 2015. ,
The optimal allocation of prizes in contests, American Economic Review, vol.91, issue.3, pp.542-558, 2001. ,
To disclose or not? an analysis of software user behavior, Information Economics and Policy, vol.19, issue.1, pp.43-64, 2007. ,
Bug auctions: Vulnerability markets reconsidered, Third Workshop on the Economics of Information Security, pp.19-26, 2004. ,
New shapes and new stakes: a portrait of open innovation as a promising phenomenon, Journal of Innovation Economics Management, issue.1, pp.11-29, 2011. ,
The rise and fall of interdisciplinary research: The case of open source innovation, Research policy, vol.42, issue.5, pp.1138-1151, 2013. ,
Are markets for vulnerabilities effective? Mis Quarterly, pp.43-64, 2012. ,
Involving consumers: the role of digital technologies in promoting 'prosumption'and user innovation, Journal of the Knowledge Economy, pp.1-20, 2016. ,
Minimum quality standards, fixed costs, and competition, The RAND Journal of economics, pp.490-504, 1991. ,
Self-selection and turnover in the labor market, The Quarterly Journal of Economics, pp.619-627, 1976. ,
Quantitatively differentiating system security, The First Workshop on Economics and Information Security, pp.16-17, 2002. ,
Managed security monitoring: Closing the window of exposure, 2000. ,
On the existence of the maximum likelihood estimates in poisson regression, Economics Letters, vol.107, issue.2, pp.310-312, 2010. ,
What are we weighting for?, Journal of Human resources, vol.50, issue.2, pp.301-316, 2015. ,
An empirical analysis of the impact of software vulnerability announcements on firm stock price. Software Engineering, IEEE Transactions on, vol.33, issue.8, pp.544-557, 2007. ,
Patch release behaviors of software vendors in response to vulnerabilities: An empirical analysis, Journal of management information systems, vol.28, issue.4, pp.305-338, 2012. ,
Innovation contests, open innovation, and multiagent problem solving. Management science, vol.54, pp.1529-1543, 2008. ,
, System reliability and free riding, pp.1-15, 2004.
Open source software and the "private-collective" innovation model: Issues for organization science, Organization science, vol.14, issue.2, pp.209-223, 2003. ,
The self-selection and effort effects of standard-based employment contracts: A framework and some empirical evidence, Accounting Review, pp.458-476, 1985. ,
Diversity and quality of information products in a monopolistically competitive industry, Information Economics and Policy, vol.4, issue.4, pp.291-303, 1990. ,
Control function methods in applied econometrics, Journal of Human Resources, vol.50, issue.2, pp.420-445, 2015. ,
An empirical study of web vulnerability discovery ecosystems, Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp.1105-1117, 2015. ,
Devising effective policies for bug-bounty platforms and security vulnerability discovery, Journal of Information Policy, vol.7, pp.372-418, 2017. ,