Revisión sobre la gestión de la seguridad en Internet de las Cosas

Autores/as

  • Mónica Peña Casanova Universidad de Ciencias Informáticas

Palabras clave:

gestión de la seguridad, Internet de las cosas, políticas d

Resumen

La seguridad en entornos de Internet de las Cosas enfrenta desafíos críticos debido al crecimiento exponencial de dispositivos, la heterogeneidad tecnológica y la constante evolución de amenazas. El objetivo de este artículo es analizar mecanismos de protección, marcos de referencia y modelos de gestión aplicados a IoT mediante revisión sistemática de literatura. Se realizó una búsqueda en las bases de datos IEEE Xplore, ACM Digital Library, ScienceDirect, SpringerLink y MDPI en el período del 2022 hasta el 2025, incluyendo en este trabajo 40 publicaciones luego de un proceso de cribado en cuatro fases según criterios de inclusión y exclusión predefinidos. El análisis cualitativo descriptivo-comparativo identificó subdominios prioritarios en gestión de la seguridad IoT: privacidad, autenticación y autorización, gestión de confianza, control de políticas, detección de intrusiones, cifrado, blockchain, arquitecturas de confianza cero y cumplimiento normativo. Los resultados muestran que los enfoques más efectivos integran múltiples capas de protección, combinando autenticación ligera basada en atributos, detección mediante aprendizaje automático y gobernanza descentralizada. A partir de estos resultados, se concluye que la integración de enfoques técnicos, metodológicos y normativos proporciona mayor resiliencia y trazabilidad, aunque persisten desafíos significativos de escalabilidad, interoperabilidad y estandarización. Además, se identifican vacíos importantes en la implementación práctica a gran escala y la evaluación en entornos reales de producción.

Citas

Peoples, C., Moore, A., Zoualfaghari, M., Kulkarni, P., & Abu-Tair, M. (2022). Chapter 24— Customizable service level agreement (SLA) generator platform using FCAPS management to enhance Quality of Experience (QoE) on Internet of Things (IoT). In J. R.Vacca (Ed.), Smart Cities Policies and Financing (pp. 335–351). Elsevier. https://doi.org/10.1016/B978-0-12-819130-9.00032-2

Mekrache,A., Ksentini,A., & Verikoukis,C. (2024). Machine Learning in FCAPS: Toward Enhanced Beyond 5G Network Management. IEEE Communications Surveys & Tutorials, 26(4), 2769–2797. https://doi.org/10.1109/COMST.2024.3395414

Aiche, A., Tardif, P.-M., & Erritali, M. (2024). Modeling Trust in IoT Systems for Drinking- Water Management. Future Internet, 16(8), 273. https://doi.org/10.3390/fi16080273

Santos, C. E. M., Correia Filho, P. T. de J., Canciglieri Junior, O., & Schaefer, J. L. (2025). The role of integrated information management systems in the relationship between product lifecycle management and Industry 4.0 technologies and market performance. Sustainability, 17(12), 5260. https://doi.org/10.3390/su17125260

Zhou, H., Gao, H., Ma, Z., & Lai, G. (2025). Blockchain-based trusted data management with privacy preservation for secure IoT systems. Sensors, 25(14), 4344. https://doi.org/10.3390/s25144344

Dallel, O., Ayed, S. B., & Tahar, J. B. H. (2024). Blockchain-based authorization mechanism for educational social Internet of Things. IEEE Access, 12, 42888–42907. https://doi.org/10.1109/ACCESS.2024.3379300

Rana, M., Mamun, Q., & Islam, R. (2023). Enhancing IoT Security: An Innovative Key Management System for Lightweight Block Ciphers. Sensors, 23(18), 7678. https://doi.org/10.3390/s23187678

Jayaweera, R., Agrawal, H., & Karie, N. M. (2025). Federated Security for Privacy Preservation of Healthcare Data in Edge-Cloud Environments. Sensors, 25(16), 5108. https://doi.org/10.3390/s25165108

Jang, H., Choi, J., Son, S., Kwon, D., & Park, Y. (2025). Provably Secure and Privacy-Preserving Authentication Scheme for IoT-Based Smart Farm Monitoring Environment. Electronics, 14(14), 2783. https://doi.org/10.3390/electronics14142783

Choudhary, A. (2024). Internet of Things: a comprehensive overview, architectures, applications, simulation tools, challenges and future directions. Discover Internet of Things, 4(1), 31. https://doi.org/10.1007/s43926-024-00084-3

Bojič Burgos, J., & Pustišek, M. (2024). Decentralized IoT Data Authentication with Signature Aggregation. Sensors, 24(3), 1037. https://doi.org/10.3390/s24031037 Dirin, A., Oliver, I., & Laine, T. H. (2023). A Security Framework for Increasing Data and Device Integrity in Internet of Things Systems. Sensors, 23(17), 7532. https://doi.org/10.3390/s23177532

Harada, R., Tanaka, K., Suzuki, Y., & Nakamura, H. (2022). Quick suppression of DDoS attacks by frame priority control in IoT backhaul with construction of Mirai-based attacks. IEEE Access, 10, 22392–22399. https://doi.org/10.1109/ACCESS.2022.3153067

Affinito, A., Zinno, S., Stanco, G., Botta, A., & Ventre, G. (2023). The evolution of Mirai botnet scans over a six-year period. Journal of Information Security and Applications, 79, 103629. https://doi.org/10.1016/j.jisa.2023.103629

Wang, S. (2025). Network security protection model of electric power information system based on hierarchical weight pruning algorithm optimizing OD-CNN algorithm. Journal of Cyber Security and Mobility, 14(3), 673–700. https://doi.org/10.13052/jcsm2245- 1439.1437

Rouf, M. A., Silvia, A. R., Roy, M. K., Das, S. K., & Chaity, S. K. (2025). Proposing a framework to prevent Distributed Denial of Service (DDoS) attacks on IoT devices. Proceedings of the 3rd International Conference on Computing Advancements (ICCA ’24), 1066–1073. Association for Computing Machinery. https://doi.org/10.1145/3723178.3723319

Rodríguez, E., Valls, P., Otero, B., Costa, J. J., Verdú, J., Pajuelo, M. A., & Canal, R. (2022). Transfer-Learning-Based Intrusion Detection Framework in IoT Networks. Sensors, 22(15), 5621. https://doi.org/10.3390/s22155621

Orellana, C., Cereceda-Balic, F., Solar, M., & Astudillo, H. (2024). Enabling Design of Secure IoT Systems with Trade-Off-Aware Architectural Tactics. Sensors, 24(22), 7314. https://doi.org/10.3390/s24227314

Salehi Shahraki, A., Lauer, H., Grobler, M., Sakzad, A., & Rudolph, C. (2023). Access Control, Key Management, and Trust for Emerging Wireless Body Area Networks. Sensors, 23(24), 9856. https://doi.org/10.3390/s23249856

Lin, T.-W. (2022). A Privacy-Preserved ID-Based Secure Communication Scheme in 5G-IoT Telemedicine Systems. Sensors, 22(18), 6838. https://doi.org/10.3390/s22186838

Michaelides, S., Mucke, J., & Henze, M. (2025). Assessing the Latency of Network Layer Security in 5G Networks. In 18th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 262–267). ACM. https://doi.org/10.1145/3734477.3734722

Nguyen, P., Nguyen, H.-H., Phung, P., Truong, H.-L., & Cheung, T. (2025). Advanced context- sensitive access management for edge-driven IoT data sharing as a service. ACM Transactions on Internet Technology, 25(2), Article 9, 1–31. https://doi.org/10.1145/3721430

Lin, H.-Y., Tsai, T.-T., Ting, P.-Y., & Chan, P.-C. (2024). CL-SML: Secure certificateless signature with message linkages for IoT-based fog computing environments. Proceedings of the 2023 5th International Conference on Big-Data Service and Intelligent Computation (BDSIC ’23) (pp. 9–15). Association for Computing Machinery. https://doi.org/10.1145/3633624.3633626

Shin, S., Park, M., Kim, T., & Yang, H. (2024). Architecture for Enhancing Communication Security with RBAC IoT Protocol-Based Microgrids. Sensors, 24(18), 6000. https://doi.org/10.3390/s24186000

Babbar, H., Rani, S., & Shabaz, M. (2025). Federated learning with enhanced cryptographic security for vehicular cyber-physical systems. Scientific Reports, 15, 28593. https://doi.org/10.1038/s41598-025-14341-0

Höglund, R., Tiloca, M., Selander, G., Mattsson, J. P., Vučinić, M., & Watteyne, T. (2024). Secure communication for the IoT: EDHOC and (group) OSCORE protocols. IEEE Access, 12, 49865–49877. https://doi.org/10.1109/ACCESS.2024.3384095

Yang, W., Wang, X., Zhang, Z., Chen, S., Hou, C., & Luo, S. (2025). Intrusion detection using hybrid Pearson correlation and GS-PSO optimized random forest technique for RPL- based IoT. IEEE Access, 13, 78320–78334. https://doi.org/10.1109/ACCESS.2025.3566368

Fotse, Y. S. N., Tchendji, V. K., & Velempini, M. (2025). Federated learning based DDoS attacks detection in large scale software-defined network. IEEE Transactions on Computers, 74(1), 101–115. https://doi.org/10.1109/TC.2024.3474180

Ali, W., Din, I. U., Almogren, A., & Kim, B. S. (2022). A Novel Privacy Preserving Scheme for Smart Grid-Based Home Area Networks. Sensors (Basel, Switzerland), 22(6), 2269. https://doi.org/10.3390/s22062269

Alazab, M., Awajan, A., Alazzam, H., Wedyan, M., Alshawi, B., & Alturki, R. (2024). A Novel IDS with a Dynamic Access Control Algorithm to Detect and Defend Intrusion at IoT Nodes. Sensors (Basel, Switzerland), 24(7), 2188. https://doi.org/10.3390/s24072188

Yang, Z., Chen, X., He, Y., Liu, L., Che, Y., Wang, X., Xiao, K., & Xu, G. (2024). An attribute- based access control scheme using blockchain technology for IoT data protection. High- Confidence Computing, 4(3), 100199. https://doi.org/10.1016/j.hcc.2024.100199

Alzahrani, N. (2025). A verifiably secure and lightweight device-to-device (D2D) authentication protocol for the resource-constrained IoT networks. IEEE Access, 13, 92982–92996. https://doi.org/10.1109/ACCESS.2025.3568692

Chaganti, K. C. (2025). A scalable, lightweight AI-driven security framework for IoT ecosystems: Optimization and game theory approaches. IEEE Access, 13, 72235–72247. https://doi.org/10.1109/ACCESS.2025.3558623

Junior, N. F., Silva, A. A. A. d., Guelfi, A. E., Ueda, E. T., & Kofuji, S. T. (2025). FedSensor: Federated learning framework for secure sensor-based IoT at the extreme edge. IEEE Access, 13, 136945–136969. https://doi.org/10.1109/ACCESS.2025.3595490

Brancati, F., Mongelli, D., Mariotti, F., Ceccarelli, A., Bondavalli, A., & Buonanno, L. (2025). A cybersecurity risk assessment methodology for industrial automation control systems. International Journal of Information Security, 24(1), 76. https://doi.org/10.1007/s10207- 025-00990-9

Pathak, A., Al-Anbagi, I., & Hamilton, H. J. (2023). TABI: Trust-based ABAC mechanism for Edge-IoT using blockchain technology. IEEE Access, 11, 36379–36398. https://doi.org/10.1109/ACCESS.2023.3265349

Son, S., Kwon, D., Lee, S., Kwon, H., & Park, Y. (2024). A zero-trust authentication scheme with access control for 6G-enabled IoT environments. IEEE Access, 12, 154066–154079. https://doi.org/10.1109/ACCESS.2024.3484522

Cao, Y., Li, J., Chao, K., Xiao, J., & Lei, G. (2024). Blockchain meets generative behavior steganography: A novel covert communication framework for secure IoT edge computing. Chinese Journal of Electronics, 33(4), 886–898. https://doi.org/10.23919/cje.2023.00.382

Yang, Y.-C., Lu, K.-F., Chen, Y.-X., & Tsay, R.-S. (2025). Ensuring GDPR compliance in IoT network with a glass box security guard system. IEEE Transactions on Privacy, 2, 27–40. https://doi.org/10.1109/TP.2025.3546854

Malik, V., Mittal, R., Mavaluru, D., Narapureddy, B. R., Goyal, S. B., Martin, R. J., Srinivasan, K., & Mittal, A. (2023). Building a secure platform for digital governance interoperability and data exchange using blockchain and deep learning-based frameworks. IEEE Access, 11, 70110–70131. https://doi.org/10.1109/ACCESS.2023.3293529

Descargas

Publicado

2026-02-16

Cómo citar

Peña Casanova, M. (2026). Revisión sobre la gestión de la seguridad en Internet de las Cosas. Revista Cubana De Transformación Digital, 6, e285:1–16. Recuperado a partir de https://rctd.uic.cu/rctd/article/view/285

Número

Vol. 6 (2025): (PUBLICACIÓN CONTINUA)

Sección

Artículos de revisión

Licencia

Derechos de autor 2026 Mónica Peña Casanova

Creative Commons License

Esta obra está bajo una licencia internacional Creative Commons Atribución-NoComercial 4.0.