System Reliability and Free Riding

From Cybersecurity Wiki
Revision as of 11:53, 20 August 2010 by WikiSysop (talk | contribs) (→‎Additional Notes and Highlights)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Full Title of Reference

System Reliability and Free Riding

Full Citation

Hal Varian, "System Reliability and Free Riding," in Economics of Information Security (L. Jean Camp & Stephen Lewis eds., 2004). Web AltWeb

BibTeX

Categorization

Key Words

Cybersecurity as an Externality, Cybersecurity as a Public Good, Information Asymmetries, Interdependencies

Synopsis

System reliability often depends on the effort of many individuals, making reliability a public good. It is well-known that purely voluntary provision of public goods may result in a free rider problem: individuals may tend to shirk, resulting in an inefficient level of the public good. How much effort each individual exerts will depend on his own benefits and costs, the efforts exerted by the other individuals, and the technology that relates individual effort to outcomes. In the context of system reliability, we can distinguish three prototype cases.

  • Total effort. Reliability depends on the sum of the efforts exerted by the individuals.
  • Weakest link. Reliability depends on the minimum effort.
  • Best shot. Reliability depends on the maximum effort.

Each of these is a reasonable technology in different circumstances. Suppose that there is one wall defending a city and the probability of successful defense depends on the strength of the wall, which in turn depends on the sum of the efforts of the builders. Alternatively, think of the wall as having varying height, with the probability of success depending on the height at its lowest point. Or, finally, think of a there being several walls, where only the highest one matters. Of course, many systems involve a mixture of these cases.

The motivating example for the research reported here is computer system reliability and security where teams of programmers and system administrators create systems whose reliability depends on the effort they expend. In this sort of case, considerations of costs, benefits, and probability of failure become paramount, with income effects being a secondary concern.

Additional Notes and Highlights

Expertise Required: Economics - High

First published in ICEC2003: Fifth International Conference on Electronic Commerce, N. Sadeh, ed., ACM Press, 2003, pp. 355–366.