IS

Ji, Yonghua

| Topic Weight | Topic Terms |
|---|---|
| 0.413 | policy movie demand features region effort second threshold release paid number regions analyze period respect |
| 0.396 | errors error construction testing spreadsheet recovery phase spreadsheets number failures inspection better studies modules rate |
| 0.370 | increased increase number response emergency monitoring warning study reduce messages using reduced decreased reduction decrease |
| 0.160 | software development product functionality period upgrade sampling examines extent suggests factors considered useful uncertainty previous |
| 0.157 | consumer consumers model optimal welfare price market pricing equilibrium surplus different higher results strategy quality |
| 0.155 | product products quality used characteristics examines role provide goods customization provides offer core sell key |
| 0.124 | set approach algorithm optimal used develop results use simulation experiments algorithms demonstrate proposed optimization present |
| 0.115 | software vendors vendor saas patch cloud release model vulnerabilities time patching overall quality delivery software-as-a-service |
| 0.114 | contract contracts incentives incentive outsourcing hazard moral contracting agency contractual asymmetry incomplete set cost client |


Mookerjee, Vijay S. (3); Kumar, Subodha (1); Radhakrishnan, Suresh (1); Sethi, Suresh P. (1)

concurrent development and debugging (1); demand endogeneity (1); demand variability (1); IT security (1); monitoring and profiling (1); optimal control theory (1); optimal software development (1); outsourcing (1); optimization (1); software upgrades (1); upgrade design effort (1); upgrade strategy (1)

Articles (3)

When Being Hot Is Not Cool: Monitoring Hot Lists for Information Security (Information Systems Research, 2016)
Abstract:
    We study operational and managerial problems arising in the context of security monitoring where sessions, rather than raw individual events, are monitored to prevent attacks. The objective of the monitoring problem is to maximize the benefit of monitoring minus the monitoring cost. The key trade-off in our model is that as more sessions are monitored, the attack costs should decrease. However, the monitoring cost would likely increase with the number of sessions being monitored. A key step in solving the problem is to derive the probability density of a system with n sessions being monitored with a session's age measured as the time elapsed since it last generated a suspicious event. We next optimize the number of sessions monitored by trading off the attack cost saved with the cost of monitoring. A profiling step is added prior to monitoring and a resulting two-dimensional optimization problem is studied. Through numerical simulation, we find that a simple size-based policy is quite robust for a very reasonable range of values and, under typical situations, performs almost as well as the two more sophisticated policies do. Also, we find that adopting a simplified policy without using the option of managing sessions using age threshold can greatly increase the ease of finding an optimal solution, and reduce operational overhead with little performance loss compared with a policy using such an option. The insights gained from the mechanics of profiling and monitoring are leveraged to suggest a socially optimal contract for outsourcing these activities in a reward-based contract. We also study penalty-based contracts. Such contracts (specifically, when the penalty is levied as a percentage of the monthly service fee) do not achieve the social optimum. We show how an appropriate penalty coefficient can be chosen to implement a socially optimal penalty-based contract. In addition, we provide a high-level comparison between reward- and penalty-based contracts. 
    In a penalty-based contract, the setting of the fixed payment can be challenging because it requires additional knowledge of the total expected malicious event rate, which needs to be observed through a period of no monitoring.
Managing the Versions of a Software Product Under Variable and Endogenous Demand (Information Systems Research, 2011)
Abstract:
    Software product versioning (i.e., upgrading the product after its initial release) is a widely adopted practice followed by leading software providers such as Microsoft, Oracle, and IBM. Unlike conventional durable goods, software products are relatively easy to upgrade, making upgrades a strategic consideration in commercial software production. We consider a two-period model with a monopoly software provider who develops and releases a software product to the market. Unlike previous research, we consider demand variability and endogeneity to determine the functionality of the software in the first and second periods. Demand endogeneity is the impact of the word-of-mouth effect that positively relates the features in the initial release of the product to its demand in the second period. We also determine the design effort that should be spent in the first period to prepare for upgrading the product in the second period—upgrade design effort—to tap into the possible future demand. Results show that the upgrade design effort can be lower or higher when there is more market demand uncertainty. We also show that the features of the product in its initial release and upgrade design effort can be complements as well as substitutes, depending on the strength of the word-of-mouth effect. The results in this paper provide insights into how demand-side factors (market demand variability or demand endogeneity) can influence supply-side decisions (initial features and upgrade design effort). A key insight of the analysis is that a high word-of-mouth effect helps manage the product in the face of demand variability.
Optimal Software Development: A Control Theoretic Approach. (Information Systems Research, 2005)
Abstract:
    We study the problem of optimally allocating effort between software construction and debugging. As construction proceeds, new errors are introduced into the system. The objective is to deliver a system of the highest possible quality (fewest number of errors) subject to the constraint that N system modules are constructed in a specified duration T. If errors are not corrected during construction, then further construction can produce errors at a faster rate. To curb the growth of errors, some of the effort must be taken away from construction and assigned to testing and debugging. A key finding of this model is that the practice of alternating between pure construction and pure debugging is suboptimal. Instead, it is desirable to concurrently construct and debug the system. We extend the above model to integrate decisions traditionally considered "external" such as the time to release the product to the market with those that are typically treated as "internal" such as the division of effort between construction and debugging. Results show that integrating these decisions can yield significant reduction in the overall cost. Also, when competitive forces are strong, it may be better to release a product early (with more errors) than late (with fewer errors). Thus, underestimating the cost of errors in the product may be better than overestimating the cost.