Internet de las Cosas: Sistemas de Autenticación en la Domótica

Fernández Rodríguez, Nicolás

Internet de las Cosas: Sistemas de Autenticación en la Domótica

dc.contributor.advisor	Contreras Ortiz, Marta Susana
dc.contributor.author	Fernández Rodríguez, Nicolás
dc.contributor.corporatename	Universidad Santo Tomás	spa
dc.date.accessioned	2025-01-27T14:56:38Z
dc.date.available	2025-01-27T14:56:38Z
dc.date.issued	2025-01-23
dc.description	Los sistemas de autenticación, son aquellas estrategias utilizadas para proteger la información de los usuarios y asegurar que solo los individuos autorizados tengan acceso a esta. Hoy en día cualquier sistema que requiera almacenar datos debe estar protegido para asegurar su seguridad, ahora bien, dentro de un hogar inteligente, para tener un buen funcionamiento, se necesita conectar todos los dispositivos electrónicos entre sí lo que significa un constante flujo de datos entre estos y como consecuencia aumenta probabilidad de ser atacado por un delincuente informático. Por esta razón, en este estudio se investigarán las vulnerabilidades y los factores que afectan los sistemas de autenticación en la domótica, utilizando la metodología PRISMA para realizar una revisión sistemática de la literatura para analizar qué vulnerabilidades en los sistemas de autenticación pueden ser explotadas y qué estrategias son efectivas para mitigar estos riesgos. Los resultados indican que las principales vulnerabilidades incluyen: debilidad de contraseñas, falta de cifrado de datos, vulnerabilidades de hardware, ataques de suplantación, inyecciones de software, ataques de replay, y se identificaron estrategias efectivas para mitigar estos riesgos, tales como: cifrado de extremo a extremo, autenticación multifactor, Blockchain, protocolos de autenticación seguros, actualizaciones de seguridad automatizadas, tecnologías de hardware seguras, Deep Learning para detección de anomalías y protocolos de conocimiento cero (Zero-Knowledge Proofs).	spa
dc.description.degreelevel	Pregrado	spa
dc.description.degreename	Ingeniero Informático	spa
dc.format.mimetype	application/pdf
dc.identifier.citation	Fernández, N (2024). Internet de las Cosas: Sistemas de Autenticación en la Domótica. [Trabajo de Grado, Universidad Santo Tomás]. Repositorio Institucional.	spa
dc.identifier.instname	instname:Universidad Santo Tomás	spa
dc.identifier.reponame	reponame:Repositorio Institucional Universidad Santo Tomás	spa
dc.identifier.repourl	repourl:https://repository.usta.edu.co	spa
dc.identifier.uri	http://hdl.handle.net/11634/59502
dc.language.iso	spa
dc.publisher	Universidad Santo Tomás	spa
dc.publisher.branch	CRAI-USTA Tunja	spa
dc.publisher.faculty	Facultad de Ingeniería de Sistemas	spa
dc.publisher.program	Ingeniería Informática	spa
dc.relation.references	“¿Qué es el Internet de las cosas (IoT)? \| Oracle Colombia.” Accessed: Mar. 07, 2024. [Online]. Available: https://www.oracle.com/co/internet-of things/what-is-iot/	spa
dc.relation.references	“¿Qué es el Internet de las cosas (IoT)? \| IBM.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.ibm.com/mx-es/topics/internet-of-things	spa
dc.relation.references	“¿Qué es IoT? - Explicación del Internet de las cosas - AWS.” Accessed: Jan. 15, 2025. [Online]. Available: https://aws.amazon.com/es/what-is/iot/	spa
dc.relation.references	“With 26.4% CAGR, Internet of Things (IoT) Market Worth USD.” Accessed: Nov. 20, 2024. [Online]. Available: https://www.globenewswire.com/news release/2022/08/03/2491076/0/en/With-26-4-CAGR Internet-of-Things-IoT-Market-Worth-USD-2465-26 Billion-by-2029.html	spa
dc.relation.references	“¿Qué es la domótica y para qué sirve? \| Repsol.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.repsol.com/es/energia-futuro/tecnologia innovacion/que-es-la-domotica/index.cshtml	spa
dc.relation.references	“Domótica - Qué es, definición y concepto.” Accessed: Jan. 15, 2025. https://definicion.de/domotica/ [Onl	spa
dc.relation.references	“La domótica y el Internet de las Cosas.” Accessed: Jan. 15, 2025. [Online]. Available: https://alfaiot.com/actualidad-iot/la-domotica-y-el internet-de-las-cosas/	spa
dc.relation.references	“Smart Buildings y casas domóticas: Edificios inteligentes.” Accessed: Nov. 20, 2024. [Online]. Available: https://www.fundacionendesa.org/es/educacion/endesa educa/recursos/smart-building-casa-domotica	spa
dc.relation.references	“¿Qué es la ciberseguridad? - Soporte técnico de Microsoft.” Accessed: Jan. 15, 2025. [Online]. Available: https://support.microsoft.com/es-es/topic/ qu%C3%A9-es-la-ciberseguridad-8b6efd59-41ff-4743 87c8-0850a352a390	spa
dc.relation.references	“¿Qué es la autenticación? Definición y métodos \| Seguridad de Microsoft.” Accessed: Apr. 27, 2024. [Online]. Available: https://www.microsoft.com/es co/security/business/security-101/what-is-authentication	spa
dc.relation.references	“¿Qué es la autenticación? \| IBM.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.ibm.com/es es/think/topics/authentication	spa
dc.relation.references	updated guideline for reporting systematic reviews,” J Clin Epidemiol, vol. 134, pp. 178–189, Jun. 2021, doi: 10.1016/j.jclinepi.2021.03.001.	spa
dc.relation.references	M. J. Page et al., “The PRISMA 2020 statement: An updated guideline for reporting systematic reviews,” The BMJ, vol. 372, Mar. 2021, doi: 10.1136/BMJ.N71.	spa
dc.relation.references	“PRISMA2020 \| Evidence Synthesis Hackathon.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.eshackathon.org/software/PRISMA2020.ht ml	spa
dc.relation.references	N. R. Haddaway, M. J. Page, C. C. Pritchard, and L. A. [26] McGuinness, “PRISMA2020: An R package and Shiny app for producing PRISMA 2020-compliant flow diagrams, with interactivity for optimised digital transparency and Open Synthesis,” Campbell Systematic Reviews, vol. 18, no. 2, Jun. 2022, doi: 10.1002/CL2.1230.	spa
dc.relation.references	A. Bhardwaj, S. Bharany, A. W. Abulfaraj, A. Osman Ibrahim, and W. Nagmeldin, “Fortifying home IoT security: A framework for comprehensive examination of vulnerabilities and intrusion detection strategies for smart cities,” Egyptian Informatics Journal, vol. 25, Mar. 2024, doi: 10.1016/j.eij.2024.100443.	spa
dc.relation.references	E. Simeoni et al., “A secure and scalable smart home gateway to bridge technology fragmentation,” Sensors, vol. 21, no. 11, Jun. 2021, doi: 10.3390/s21113587.	spa
dc.relation.references	T. Sylla, L. Mendiboure, M. A. Chalouf, and F. Krief, “Blockchain-based context-aware authorization management as a service in iot,” Sensors, vol. 21, no. 22, Nov. 2021, doi: 10.3390/s21227656.	spa
dc.relation.references	N. Alturki et al., “Efficient and Secure IoT Based Smart Home Automation Using Multi-Model Learning and Blockchain Technology,” CMES - Computer Modeling in Engineering and Sciences, vol. 139, no. 3, pp. 3387 3415, Mar. 2024, doi: 10.32604/cmes.2023.044700.	spa
dc.relation.references	H. Fatima, H. U. Khan, and S. Akbar, “Home Automation and RFID-Based Internet of Things Security: Challenges and Issues,” 2021, Hindawi Limited. doi: 10.1155/2021/1723535.	spa
dc.relation.references	M. Bouzidi, A. Amro, Y. Dalveren, F. Alaya Cheikh, and M. Derawi, “LPWAN Cyber Security Risk Analysis: Building a Secure IQRF Solution,” Sensors, vol. 23, no. 4, Feb. 2023, doi: 10.3390/s23042078.	spa
dc.relation.references	A. Gupta and G. S. Kasbekar, “Secure, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Protocol for Home Automation IoT Networks,” in 2022 14th International Conference on COMmunication Systems and NETworkS, COMSNETS 2022, Institute of Electrical and Electronics Engineers Inc., 2022, pp. 375–383. 10.1109/COMSNETS53615.2022.9668450.	spa
dc.relation.references	X. Wang, C. Gu, F. Wei, and S. Lu, “Security and Privacy for Edge-Assisted Internet of Things Security Proof for the SKKE Protocol,” Security and Communication Networks, vol. 2021, 2021, doi: 10.1155/2021/9029664.	spa
dc.relation.references	A. Jain, T. Singh, and S. K. Sharma, “Security as a solution: An intrusion detection system using a neural network for IoT enabled healthcare ecosystem,” Interdisciplinary Journal of Information, Knowledge, and Management, vol. 16, pp. 331–369, 2021, doi: 10.28945/4838.	spa
dc.relation.references	10.28945/4838. M. Wazid, A. K. Das, S. Shetty, and M. Jo, “A Tutorial and Future Research for Building a Blockchain-Based Secure Communication Scheme for Internet of Intelligent Things,” IEEE Access, vol. 8, pp. 88700 88716, 2020, doi: 10.1109/ACCESS.2020.2992467.	spa
dc.relation.references	A. Aldahmani, B. Ouni, T. Lestable, and M. Debbah, “Cyber-Security of Embedded IoTs in Smart Homes: Challenges, Requirements, Countermeasures, and 4, Trends,” IEEE Open Journal of Vehicular Technology, vol. pp. 281–292, 10.1109/OJVT.2023.3234069.	spa
dc.relation.references	K. Nimmy, S. Sankaran, K. Achuthan, and P. Calyam, “Lightweight and Privacy-Preserving Remote User Authentication for Smart Homes,” IEEE Access, vol. 10, pp. 176–190, 2022, doi: 10.1109/ACCESS.2021.3137175.	spa
dc.relation.references	J. I. I. Araya and H. Rifà-Pous, “Anomaly-based cyberattacks detection for smart homes: A systematic literature review,” Jul. 01, 2023, Elsevier B.V. doi: 10.1016/j.iot.2023.100792.	spa
dc.relation.references	N. Y. R. Douha, M. Bhuyan, S. Kashihara, D. Fall, Y. Taenaka, and Y. Kadobayashi, “A survey on blockchain, SDN and NFV for the smart-home security,” Nov. 01, 2022, Elsevier B.V. doi: 10.1016/j.iot.2022.100588.	spa
dc.relation.references	T. A. Al-Amiedy et al., “A systematic literature review on attacks defense mechanisms in RPL-based 6LoWPAN of Internet of Things,” Jul. 01, 2023, Elsevier B.V. doi: 10.1016/j.iot.2023.100741.	spa
dc.relation.references	S. A. Bakhsh, M. A. Khan, F. Ahmed, M. S. Alshehri, H. Ali, and J. Ahmad, “Enhancing IoT network security through deep learning-powered Intrusion Detection System,” Internet of Things (Netherlands), vol. 24, Dec. 2023, doi: 10.1016/j.iot.2023.100936.	spa
dc.relation.references	M. El-Hajj, A. Fadlallah, M. Chamoun, and A. Serhrouchni, “A survey of internet of things (IoT) authentication schemes,” Sensors (Switzerland), vol. 19, no. 5, Mar. 2019, doi: 10.3390/s19051141.	spa
dc.relation.references	J. Y. Lee, W. C. Lin, and Y. H. Huang, “A lightweight authentication protocol for Internet of Things,” 2014 International Symposium Electronics, ISNE 10.1109/ISNE.2014.6839375. on 2014, Next-Generation 2014, doi:	spa
dc.relation.references	X. Li, Q. Wang, X. Lan, X. Chen, N. Zhang, and D. Chen, “Enhancing cloud-based IoT security through trustworthy cloud service: An integration of security and reputation approach,” IEEE Access, vol. 7, pp. 9368 9383, 2019, doi: 10.1109/ACCESS.2018.2890432.	spa
dc.relation.references	V. Singh and C. Kant, “Biometric-Based Authentication in Internet of Things (IoT): A Review,” Lecture Notes in Networks and Systems, vol. 392, pp. 309–317, 2022, doi: 10.1007/978-981-19-0619-0_27.	spa
dc.relation.references	“Qué es: Autenticación multifactor - Soporte técnico de Microsoft.” Accessed: Jun. 02, 2024. [Online]. Available: https://support.microsoft.com/es es/topic/qu%C3%A9-es-autenticaci%C3%B3n multifactor-e5e39437-121c-be60-d123-eda06bddf661	spa
dc.relation.references	multifactor-e5e39437-121c-be60-d123-eda06bddf661 “¿Qué es el cifrado de extremo a extremo? \| IBM.” Accessed: Jun. 02, 2024. [Online]. Available: https://www.ibm.com/es-es/topics/end-to-end encryption	spa
dc.relation.references	A. K. Al Hwaitat et al., “A New Blockchain-Based Authentication Framework for Secure IoT Networks,” [51] Electronics 2023, Vol. 12, Page 3618, vol. 12, no. 17, p. 3618, Aug. 2023, 10.3390/ELECTRONICS12173618.	spa
dc.relation.references	Z. Chen, Y. Jiang, X. Song, and L. Chen, “A Survey on Zero-Knowledge Authentication for Internet of Things,” Electronics (Switzerland), vol. 12, no. 5, Mar. 2023, doi: 10.3390/ELECTRONICS12051145.	spa
dc.relation.references	“VOSviewer - Visualizing scientific landscapes.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.vosviewer.com/	spa
dc.relation.references	S. Chauhan and N. K. Panda, “Online Security,” Hacking Web Intelligence, pp. 203–216, 2015, doi: 10.1016/B978-0-12-801867-5.00011-2.	spa
dc.relation.references	“Políticas de contraseñas débiles \| KeepCoding Bootcamps.” Accessed: Jan. 15, 2025. [Online]. Available: https://keepcoding.io/blog/politicas-de contrasenas-debiles/#Contrasenas_debiles	spa
dc.relation.references	“¿Qué es el cifrado? \| IBM.” Accessed: Jan. 15, 2025. [Online]. Available: es/topics/encryption https://www.ibm.com/es	spa
dc.relation.references	“Cifrado de datos: ¿Qué es y cómo funciona?” Accessed: Jan. 15, 2025. [Online]. Available: https://www.avast.com/es-es/c-encryption	spa
dc.relation.references	“¿Qué es un ataque de intermediario (MITM)? \| IBM.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.ibm.com/es-es/think/topics/man-in-the middle	spa
dc.relation.references	“Ataque Man-in-the-Middle: qué es, cómo funciona y cómo protegerte de él.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.xataka.com/basics/ataque-man-in-the middle-que-como-funciona-como-protegerte	spa
dc.relation.references	“¿Qué es un ataque de reproducción y cómo evitarlo?” Accessed: Jan. 15, 2025. [Online]. Available: https://latam.kaspersky.com/resource center/definitions/replay attack?srsltid=AfmBOorHrlt7zkCi7tRpbk14miGT4fJzb 5tXP9uWA7osRgRzmqU5hBqB	spa
dc.relation.references	“Ataques de repetición (Replay) - BSAM-AP-05.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.tarlogic.com/bsam/es/controles/ataques repeticion-bluetooth/	spa
dc.relation.references	“¿Qué es la autenticación multifactor? - Explicación de la autenticación multifactor - AWS.” Accessed: Jan. 15, 2025. [Online]. https://aws.amazon.com/es/what-is/mfa/ Available:	spa
dc.relation.references	https://aws.amazon.com/es/what-is/mfa/ Available: “¿Qué es Blockchain? \| IBM.” Accessed: Jan. 15, 2025. [Online]. Available: es/topics/blockchain	spa
dc.relation.references	“¿Qué es la tecnología de cadena de bloques? - Explicación de la cadena de bloques - AWS.” Accessed: Jan. 15, 2025. [Online]. Available: https://aws.amazon.com/es/what-is/blockchain/?aws products-all.sort by=item.additionalFields.productNameLowercase&aws	spa
dc.relation.references	“¿Qué es OAuth 2.0 y para qué sirve? - Auth0.” Accessed: Jan. 15, 2025. [Online]. Available: https://auth0.com/es/intro-to-iam/what-is-oauth-2	spa
dc.relation.references	“¿Qué es OpenID Connect y para qué se utiliza? - Auth0.” Accessed: Jan. 15, 2025. [Online]. Available: https://auth0.com/es/intro-to-iam/what-is-openid connect-oidc	spa
dc.relation.references	“¿Qué es el cifrado de conocimiento cero y cómo funciona?” Accessed: Jan. 15, 2025. [Online]. Available: https://ciberseguridad.com/guias/prevencion proteccion/criptografia/cifrado-conocimiento cero/#%C2%BFQue_es_el_cifrado_de_conocimiento_c ero	spa
dc.relation.references	“¿Qué es un ataque de fuerza bruta? \| Cloudflare.” Accessed: Jan. 15, 2025. [Online]. Available: https://www.cloudflare.com/es-es/learning/bots/brute force-attack/	spa
dc.relation.references	“ISO - Search.” Accessed: Jan. 18, 2025. [Online]. Available: https://www.iso.org/es/search.html?PROD_isoorg_es% 5Bquery%5D=IoT&PROD_isoorg_es%5Bmenu%5D% 5Bfacet%5D=standard	spa
dc.relation.references	“Cybersecurity \| NIST.” Accessed: Jan. 18, 2025. [Online]. Available: https://www.nist.gov/cybersecurity	spa
dc.relation.references	“Decreto 338 de 2022 Nivel Nacional.” Accessed: Jan. 18, 2025. [Online]. Available: https://www.alcaldiabogota.gov.co/sisjur/normas/Norma 1.jsp?i=121646&utm_source= “Decreto 338 de 2022 Nivel Nacional.” Accessed: Jan. 18, 2025. [Online]. Available: https://www.alcaldiabogota.gov.co/sisjur/normas/Norma 1.jsp?i=121646&utm_source=	spa
dc.relation.references	1.jsp?i=121646&utm_source= “Decreto 472 de 2024 Alcaldía Mayor de Bogotá, D.C.” Accessed: Jan. 18, 2025. [Online]. Available: https://www.alcaldiabogota.gov.co/sisjur/normas/Norma 1.jsp?i=171020&utm_source=	spa
dc.relation.references	“Violaciones de seguridad de IoT: 4 ejemplos reales - Conosco.” Accessed: Jan. 18, 2025. [Online]. Available: https://conosco.com/industry-insights/blog/iot-security breaches-4-real-world-examples	spa
dc.rights	Atribución-NoComercial-SinDerivadas 2.5 Colombia
dc.rights	Atribución-NoComercial-SinDerivadas 2.5 Colombia
dc.rights.accessrights	info:eu-repo/semantics/openAccess
dc.rights.coar	http://purl.org/coar/access_right/c_abf2	spa
dc.rights.local	Abierto (Texto Completo)	spa
dc.rights.uri	http://creativecommons.org/licenses/by-nc-nd/2.5/co/
dc.subject.proposal	Autenticación	spa
dc.subject.proposal	Automatización	spa
dc.subject.proposal	Ciberseguridad	spa
dc.subject.proposal	Domótica	spa
dc.subject.proposal	Seguridad	spa
dc.subject.proposal	Internet de las Cosas	spa
dc.title	Internet de las Cosas: Sistemas de Autenticación en la Domótica	spa
dc.type.coar	http://purl.org/coar/resource_type/c_7a1f
dc.type.coarversion	http://purl.org/coar/version/c_ab4af688f83e57aa
dc.type.drive	info:eu-repo/semantics/bachelorThesis
dc.type.local	Trabajo de grado	spa
dc.type.version	info:eu-repo/semantics/acceptedVersion