We analyzed a part of the global ecosystem and massive data known as Internet of Things and Big Data respectively, with theoretical or applied security models. The problem is the introduction of solutions in public security, user privacy and cybernetic coercion, to deliver trusted services for data generated from public networks. The objective is to define a prototype of security model applied to Internet of Things with Big Data for tourism management in cities of Ecuador. Were applied the deductive method and the exploration to examine the information of the referenced researches. It turned out the following: Architecture prototype for the tourism management, Security model applied to architecture, Flowchart for the management of tourism information and Formula of lost packages. It was concluded that a data security strategy is necessary through a correct routing, reliable and high availability that allows to increase its level of reliability; also have a captive portal by sectors, which allows us to generate confidentiality agreements to guarantee the privacy of data; the model should be considered at the country level for a standard management of tourist information.