Publication Ethics

Publication Ethics of SHIFRA

Published by Peninsula Press

Version: Revised June 25, 2026

Table of Contents

1. Introduction and Ethical Framework
2. Editorial Screening, Peer Review, and Confidentiality
3. Authorship, Acknowledgments, and Affiliations
4. Conflicts of Interest and Funding Disclosure
5. Citations and Reference Integrity
6. Originality, Similarity Screening, and Data Integrity
7. Open Access and Copyright Policy
8. Consent, Participant Privacy, and Sensitive Data
9. Security-Sensitive and Dual-Use Research
10. Data, Code, and Reproducibility
11. Corrections, Retractions, and Editorial Notes
12. AI-Assisted Writing, Generative AI, and Integrity Risks
13. Misconduct Policies and Investigations
14. Duties of Editors, Reviewers, and Authors
15. Use of Third-Party Material
16. Preprints Policy
17. Special Issues and Editorial Appointments
18. Publisher and Journal Information

By submitting a manuscript to SHIFRA, authors confirm that they have read and accepted the journal's editorial, ethical, and publication policies. Submission confirms that the manuscript is original, ethically prepared, accurately reported, and suitable for a journal covering cybersecurity, data security, information security, cryptography, network security, encryption, and emerging threats and solutions.

SHIFRA follows the principles and guidance of the Committee on Publication Ethics (COPE), including COPE guidance on editorial independence, peer review, authorship, conflicts of interest, complaints and appeals, corrections, retractions, data integrity, and publication misconduct.

All participants in the publication process, including authors, editors, reviewers, guest editors, and publishing staff, are expected to protect the integrity of the scholarly record and to act transparently, fairly, and responsibly.

1. Introduction and Ethical Framework

SHIFRA is committed to publication ethics, editorial accountability, research integrity, and responsible communication of security research. Editorial decisions are based on scholarly merit, relevance to the journal's scope, methodological soundness, ethical compliance, originality, and clarity of contribution.

Editorial decisions are not influenced by nationality, ethnicity, political views, race, religion, gender, institutional affiliation, commercial interest, or other personal characteristics of authors. Editors and reviewers must declare conflicts of interest and recuse themselves when impartial judgment may be affected.

Research involving people, organizations, systems, networks, software, logs, breach data, credentials, private datasets, or sensitive security information must comply with applicable laws, institutional requirements, ethical standards, and responsible disclosure practices.

1.1 Scope-Specific Ethical Responsibility

Authors must ensure that submitted work does not expose individuals, organizations, systems, or communities to avoidable harm. Cybersecurity and information security research should be presented with enough detail to support scholarly evaluation while avoiding unnecessary publication of exploitable secrets, live credentials, private keys, personal data, or operational details that would enable immediate misuse.

1.2 Ethical Approval and Lawful Authorization

Where research involves human participants, user studies, surveys, interviews, biometric data, behavioral data, non-public datasets, organizational logs, or testing of systems not owned by the authors, the manuscript must include appropriate statements on ethical approval, consent, permission, or lawful authorization. The journal may request supporting documentation at any stage of review.

Authors must not submit work based on unauthorized access, unlawful testing, undisclosed collection of private data, or use of data obtained in ways that violate legal, institutional, contractual, or ethical requirements.

1.3 Accuracy, Originality, and Author Responsibility

Authors must present their work accurately and objectively. Data, code, experiments, models, threat analyses, benchmarks, and results must not be fabricated, falsified, selectively reported, or manipulated in a misleading way.

Authors must ensure that all borrowed ideas, wording, code, data, images, tables, figures, and other materials are properly cited and attributed. Plagiarism, duplicate submission, redundant publication, citation manipulation, and undisclosed conflicts of interest are unacceptable.

1.4 Standards of Reporting

Manuscripts should describe methods, assumptions, datasets, evaluation settings, limitations, and security implications clearly enough to allow editorial assessment, peer review, verification, and, where ethically and legally possible, reproducibility.

2. Editorial Screening, Peer Review, and Confidentiality

All manuscripts submitted to SHIFRA undergo initial editorial screening before peer review. Editors assess scope, originality, completeness, methodological soundness, ethical compliance, clarity, conflicts of interest, data or code availability statements where relevant, and possible integrity concerns.

2.1 Pre-Review Editorial Assessment and Desk Review

A manuscript may be returned or rejected before external review if it is outside the journal's scope, lacks sufficient scholarly contribution, has serious methodological weaknesses, lacks required ethical or disclosure information, is not prepared according to submission requirements, or raises unresolved integrity concerns.

2.2 Similarity Screening and Integrity Review

Submissions may be screened using Turnitin or comparable similarity-checking tools. A Turnitin similarity report identifies text that matches other sources; it does not by itself determine plagiarism. Editors review similarity findings in context, including quotations, references, methods, reused descriptions, source attribution, and the nature and extent of overlap.

Similarity findings may lead to author clarification, revision, rejection, or further investigation. A finding of plagiarism or redundant publication requires editorial assessment of unattributed copying, improper paraphrasing, source misuse, duplicate publication, or other evidence of misconduct.

SHIFRA may also use third-party editorial integrity screening tools, including PaperGuard, provided by Peers Publishing, to help identify manuscript-level indicators that may require human editorial review. These indicators may include citation anomalies, fabricated or unverifiable references, and manipulated or unusual text patterns. Such tools are used only to support editorial assessment; they do not make automated decisions, replace peer review, or by themselves establish misconduct.

2.3 Peer Review Process and Editorial Responsibility

SHIFRA uses a single-blind peer review process: reviewers know the authors' identities, while reviewers' identities are not disclosed to authors. Each manuscript sent for external review is normally evaluated by at least two independent experts.

Reviewers are selected for expertise, independence, and ability to provide objective assessment. Authors may suggest reviewers, but they must not nominate collaborators or individuals with conflicts of interest. Reviewer recommendations inform editorial decisions, but the final decision rests with the Editor-in-Chief or assigned handling editor.

2.4 Confidentiality of Submissions and Review Materials

Submitted manuscripts, review reports, decision letters, and editorial correspondence are confidential. Editors, reviewers, and staff must not disclose manuscript content except to those directly involved in editorial evaluation or ethical investigation.

Unpublished information obtained through peer review must not be used for personal advantage or in another person's research without the author's explicit written permission. Where misconduct is suspected, relevant materials may be shared confidentially with appropriate editors, ethics advisers, institutions, or organizations in accordance with COPE guidance.

2.5 Appeals, Complaints, and Ethical Investigations

SHIFRA considers genuine appeals and complaints concerning editorial decisions, peer review, publication ethics, conflicts of interest, authorship, delays, or editorial conduct. Appeals must identify the decision being challenged and provide clear evidence or reasoned argument.

Ethical concerns are assessed according to COPE guidance. The process may include preliminary assessment, author notification and response, reviewer or editor consultation, institutional communication where necessary, and a recorded editorial decision.

2.6 Editorial Tools and Human Oversight

Secure editorial tools may support administrative screening, similarity checking, completeness checks, metadata verification, and reviewer discovery. All editorial decisions, peer review assessments, and misconduct evaluations remain under qualified human oversight.

3. Authorship, Acknowledgments, and Affiliations

Authorship provides credit and assigns responsibility for the integrity of published work. All listed authors must have made a substantial scholarly contribution, approved the submitted and final versions, and agreed to be accountable for their contribution.

3.1 Authorship Criteria

Authorship should be limited to individuals who contributed substantially to conception or design, data or code acquisition, analysis or interpretation, drafting or critical revision, and final approval. Acquisition of funding, supervision, technical assistance, or data collection alone does not automatically justify authorship.

All authors must approve the author list and order before submission. The corresponding author is responsible for communication with the journal and for confirming that all co-authors have approved the manuscript and disclosures.

3.2 Contribution Details

Authors should provide contribution information using clear categories where appropriate, such as conceptualization, methodology, software, validation, formal analysis, investigation, resources, data curation, writing, review and editing, visualization, supervision, project administration, and funding acquisition.

3.3 Changes to Authorship

Requests to add, remove, or reorder authors must include a clear reason and written agreement from all authors, including any author being added or removed. Post-publication authorship changes may require a correction notice.

3.4 Handling Authorship Disputes

SHIFRA follows COPE guidance for authorship disputes. Disputes that cannot be resolved among authors may be referred to the authors' institutions. The journal may pause review or publication until the dispute is resolved.

3.5 Deceased Authors

If an author dies during submission or review, the corresponding author must notify the editorial office. The contribution of the deceased author may be recognized in the article with appropriate confirmation from co-authors or representatives where necessary.

3.6 Affiliations

Authors must provide accurate affiliations representing where the work was conducted or supported. Current addresses may be added where an author has moved. Authors without an institutional affiliation should identify their independent status accurately.

3.7 Unique Author Identifiers (ORCID)

SHIFRA strongly encourages ORCID identifiers for all authors. ORCID identifiers are required for the first author and corresponding author.

3.8 Acknowledgments

Individuals or organizations that contributed to the work but do not meet authorship criteria should be acknowledged with permission. Financial and non-financial support should be disclosed.

4. Conflicts of Interest and Funding Disclosure

4.1 Conflicts of Interest

Authors, reviewers, editors, guest editors, and staff must disclose actual or potential conflicts of interest that could influence, or appear to influence, the publication process. Conflicts may be financial, professional, personal, institutional, intellectual, or competitive.

Authors must include a conflict-of-interest statement in the manuscript. If no conflicts exist, authors should state: "The authors declare no conflicts of interest." Editors and reviewers must decline or recuse themselves when a conflict may affect impartiality.

4.2 Funding Disclosure

Authors must disclose all funding sources and any role of sponsors in study design, data collection, analysis, interpretation, manuscript preparation, or submission. If funders had no role, this should be stated clearly.

5. Citations and Reference Integrity

References must be accurate, relevant, verifiable, and fairly selected. Authors should cite primary sources where possible and avoid misleading citation practices.

• Citations must support the claims for which they are used.
• References must not be fabricated, irrelevant, or used only to inflate citation counts.
• Excessive self-citation, citation cartels, and coordinated citation arrangements are unacceptable.
• Non-peer-reviewed sources may be cited when relevant and clearly appropriate, such as standards, datasets, vulnerability advisories, software documentation, legal materials, and technical reports.

Editors may request correction, clarification, or removal of inappropriate references. Confirmed citation manipulation may lead to editorial action in accordance with COPE guidance.

6. Originality, Similarity Screening, and Data Integrity

6.1 Plagiarism and Text Recycling

SHIFRA does not tolerate plagiarism. Plagiarism includes presenting another person's words, ideas, data, code, figures, tables, results, or creative work as one's own without proper attribution. Text recycling or reuse of an author's own previously published material must be transparent, cited where appropriate, and justified by the scholarly context.

Turnitin and similar tools may be used to generate similarity reports. Similarity scores are not treated as automatic proof of plagiarism. Editors assess matched text in context before deciding whether clarification, revision, rejection, correction, or further investigation is required.

6.2 Duplicate Submission and Publication

Authors must not submit the same manuscript to more than one journal at the same time. Manuscripts must not have been previously published in whole or in substantial part unless the submission is clearly identified as an authorized secondary publication and complies with applicable copyright and editorial requirements.

Authors who reuse their own prior work, datasets, code, figures, or methods descriptions must cite the prior work and explain the new contribution of the submitted manuscript.

6.3 Data, Code, and Results Integrity

Data fabrication, data falsification, manipulated results, misleading benchmarks, undisclosed removal of unfavorable results, inappropriate image manipulation, and misrepresentation of code or experimental settings are serious breaches of publication ethics.

Authors should retain original data, code, logs, configuration files, model parameters, and analysis materials needed to verify the work, subject to legal, ethical, security, and confidentiality restrictions. The journal may request underlying materials during review or investigation.

7. Open Access and Copyright Policy

7.1 Open Access Policy

SHIFRA is an Open Access journal. Published articles are made freely available under the Creative Commons Attribution 4.0 International License (CC BY 4.0), unless otherwise stated.

Users may read, download, copy, distribute, print, search, link to, adapt, and use published articles, including for commercial purposes, provided that appropriate credit is given to the author(s), journal, and source.

7.2 Eligibility to Submit

Authors may submit an original manuscript if they hold the necessary rights or have obtained permission from the relevant rights holder(s) for all submitted content.

7.3 Author Rights

Authors retain copyright and grant Peninsula Press non-exclusive rights to publish, distribute, preserve, and identify the article as the version of record. Third-party material must be used only with appropriate permission, license compatibility, and attribution.

7.4 Copyright Statement

The copyright and license statement should appear clearly in each published article.

8. Consent, Participant Privacy, and Sensitive Data

8.1 Consent and Ethical Approval

Research involving human participants, surveys, interviews, user studies, usability testing, behavioral experiments, biometric data, or human-derived datasets must include an ethics and consent statement where applicable. Authors should identify the approving ethics body, approval reference, consent process, and any waiver or exemption relied upon.

Consent forms should be retained securely by authors. The journal may request evidence of consent through a secure editorial channel when needed, but consent forms should not be included in public manuscript files or sent by ordinary email.

8.2 Privacy, Confidentiality, and Sensitive Data

Authors must protect personal data, private communications, credentials, private keys, internal logs, network traces, vulnerability reports, breach data, proprietary information, and other sensitive materials. Manuscripts should anonymize, aggregate, redact, or otherwise protect sensitive information unless disclosure is lawful, ethical, necessary, and appropriately authorized.

Authors must not publish live credentials, exploitable secrets, private keys, personal identifiers, or confidential organizational information. Where data cannot be shared publicly, authors should explain the restriction and provide an appropriate availability statement.

9. Security-Sensitive and Dual-Use Research

Cybersecurity research may involve dual-use knowledge, including vulnerabilities, exploits, malware analysis, attack simulations, penetration testing, cryptographic weaknesses, and defensive bypass techniques. Authors must balance scholarly transparency with responsible risk reduction.

• Testing must be lawful and authorized, especially when involving third-party systems, networks, platforms, or users.
• Responsible vulnerability disclosure should be followed where research identifies vulnerabilities in real systems or products.
• Malware, exploit code, proofs of concept, and attack workflows must be described responsibly and should not include unnecessary operational details that enable immediate harm.
• Sensitive artifacts should be redacted, delayed, restricted, or shared through controlled access when open publication would create substantial risk.

The journal may request additional information, modifications, redactions, or expert advice when a manuscript presents security-sensitive risks.

10. Data, Code, and Reproducibility

SHIFRA encourages authors to make data, code, models, protocols, and evaluation materials available in trusted repositories whenever this is legal, ethical, secure, and consistent with confidentiality obligations. Availability statements should explain where materials can be accessed or why access is restricted.

For security research, restrictions may be appropriate for sensitive datasets, private logs, vulnerability details, malware samples, proprietary code, controlled-access systems, or data subject to contractual or legal limits. Even when materials cannot be shared publicly, authors should describe methods and limitations clearly enough to support peer review and responsible scholarly evaluation.

11. Corrections, Retractions, and Editorial Notes

SHIFRA maintains the scholarly record through transparent post-publication updates in accordance with COPE guidance. When necessary, the journal may publish a correction, editorial note, expression of concern, retraction, or removal notice. Notices remain linked to the original article where possible.

11.1 Corrections

A correction may be issued when an error or omission affects interpretation, metadata, disclosures, authorship information, funding, conflicts of interest, data availability, or other parts of the published record without invalidating the article's main conclusions.

11.2 Retractions

A retraction may be issued when the journal no longer has confidence in the article's findings or integrity, including cases involving fabricated or falsified data, serious methodological error, plagiarism, duplicate publication, unethical research, compromised peer review, or other serious misconduct.

Retraction notices identify the article, explain the reason for retraction, state who initiated the retraction where appropriate, and link the notice and original article in both directions when technically possible.

11.3 Expressions of Concern

An expression of concern may be issued when credible concerns exist but an investigation is incomplete, inconclusive, delayed, or dependent on information from institutions or third parties.

11.4 Removal Notices

Removal is reserved for exceptional cases, such as legal requirements, serious rights infringement, defamation, privacy risk, or publication of information that creates immediate security or safety risk. A removal notice will be published where appropriate.

12. AI-Assisted Writing, Generative AI, and Integrity Risks

SHIFRA recognizes that generative AI and AI-assisted tools may support language editing, translation, coding assistance, or manuscript preparation. Authors remain fully responsible for all submitted content.

12.1 AI-Assisted Writing Policy

• AI tools cannot be credited as authors.
• Use of generative AI for text generation, paraphrasing, translation, code generation, image creation, or similar manuscript preparation must be disclosed in the manuscript when it materially affects the submitted work.
• Authors must verify accuracy, originality, citations, code, data, and claims generated or assisted by AI tools.
• AI tools must not be used to fabricate data, invent references, conceal plagiarism, misrepresent authorship, or generate misleading security claims.

12.2 Use of AI in Peer Review

Reviewers and editors must not upload confidential manuscripts, review reports, decision letters, or related editorial communications to public or third-party generative AI systems. GenAI must not be used to evaluate a manuscript, write a peer-review report, or make an editorial decision.

12.3 AI-Related Integrity Risks

Editors may assess indicators of inappropriate AI-assisted manipulation, including fabricated references, distorted terminology, semantic drift, unsupported claims, inconsistent methods, or unverifiable data and code. Such indicators do not automatically establish misconduct but may trigger additional editorial assessment.

13. Misconduct Policies and Investigations

SHIFRA takes allegations of research, publication, and peer-review misconduct seriously before and after publication. The journal follows COPE guidance and aims to handle concerns fairly, confidentially, and without retaliation against good-faith complainants.

13.1 Types of Misconduct

Misconduct may include plagiarism, duplicate submission or publication, data or code fabrication, data or code falsification, image manipulation, citation manipulation, undisclosed conflicts of interest, authorship manipulation, affiliation misrepresentation, peer-review manipulation, misuse of third-party material, unethical research, unlawful data collection, or irresponsible disclosure of security-sensitive information.

13.2 Investigation Process

Concerns may be raised by editors, reviewers, authors, readers, institutions, or other parties. The journal may request evidence, seek author response, consult reviewers or experts, contact institutions or other journals where appropriate, and document decisions. Authors are expected to cooperate with ethical inquiries.

13.3 Outcomes

Outcomes may include no action, clarification, manuscript revision, rejection, correction, editorial note, expression of concern, retraction, removal, notification to institutions, or other proportionate editorial action depending on the evidence and severity of the concern.

14. Duties of Editors, Reviewers, and Authors

The journal and its editorial board follow COPE principles and expect all participants to act with integrity, confidentiality, transparency, and respect.

14.1 Duties of Editors

Editors are responsible for fair and timely editorial handling, reviewer selection, conflict management, confidentiality, ethical oversight, and decisions based on scholarly merit and journal scope. Editors should correct the record when errors or ethical concerns are identified.

14.2 Duties of Reviewers

Reviewers should provide objective, constructive, timely, and confidential assessment. Reviewers must declare conflicts of interest, decline reviews outside their expertise, avoid personal criticism, and notify editors of suspected misconduct, relevant uncited work, or substantial overlap with other publications.

14.3 Duties of Authors

Authors must submit original work, report methods and results accurately, cite sources properly, disclose conflicts and funding, obtain permissions and approvals where required, protect sensitive data, cooperate with review and ethical inquiries, and promptly notify the journal of significant errors in submitted or published work.

15. Use of Third-Party Material

Authors must obtain permission or confirm appropriate licensing before using third-party text, figures, tables, screenshots, datasets, code, diagrams, images, audio, video, software documentation, or other materials not owned by them.

All third-party material must be properly attributed. Public availability on the internet does not automatically permit reuse. Authors are responsible for ensuring that permissions and licenses are compatible with publication under the journal's open access license.

16. Preprints Policy

Authors may share preprints before submission, during review, or after acceptance, provided that this does not violate legal, ethical, confidentiality, funder, institutional, or third-party requirements. Preprints are not considered redundant publication by SHIFRA.

If a preprint is accepted and published in SHIFRA, authors are encouraged to link the preprint to the final published version using the article DOI.

17. Special Issues and Editorial Appointments

17.1 Special Issue Topics

Special issue topics must fit SHIFRA's scope and editorial standards. Calls for papers should describe the topic, expected contribution, submission process, review process, and timeline clearly.

17.2 Appointment of Guest Editors

Guest editors are selected based on subject expertise, editorial experience, academic integrity, and absence of unmanaged conflicts of interest. Appointments are approved by the Editor-in-Chief with Editorial Board oversight.

17.3 Editorial and Review Process for Special Issues

Special issue submissions follow the same ethics, originality, peer review, conflict-of-interest, data, and correction policies as regular submissions. Guest editors may manage review and recommend decisions, but final acceptance decisions remain with the Editor-in-Chief or assigned SHIFRA editor.

17.4 Publication Timing

Submissions are considered according to editorial readiness, peer review outcome, and publication schedule. Special issues must not compromise peer review quality, editorial independence, or publication ethics.

18. Publisher and Journal Information

SHIFRA is published by Peninsula Press. The journal is dedicated to ethical dissemination of research in cybersecurity, data security, information security, cryptography, network security, encryption, and emerging threats and solutions.

SHIFRA follows COPE principles and maintains publicly available policies on publication ethics, peer review, authorship, conflicts of interest, complaints and appeals, corrections and retractions, data integrity, open access, copyright, and responsible use of AI-assisted technologies.

For more information, please visit: COPE | COPE Flowcharts | Creative Commons Attribution 4.0 International License (CC BY 4.0)

Version: Revised June 25, 2026

© SHIFRA — Peninsula Press — Published in adherence to COPE principles.