By software vendors offering, via the cloud, software as a service (SaaS) versions of traditionally on-premises application software, security risks associated with usage become more diversified which can greatly increase the value associated with the software. In an environment where negative...

We study the question of whether a software vendor should allow users of unlicensed (pirated) copies of a software product to apply security patches. We present a joint model of network software security and software piracy and contrast two policies that a software vendor can enforce: (i)...

We study the effect of user incentives on software security in a network of individual users under costly patching and negative network security externalities. For proprietary software or freeware, we compare four alternative policies to manage network security: (i) Consumer self patching (where...