See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/363633894

A review on trust management in fog/edge computing: Techniques, trends, and

challenges

Article  in  Journal of Network and Computer Applications · January 2022

DOI: 10.1016/j.jnca.2022.103402

CITATIONS READS
9 179

2 authors:

Mohammad Nikravan Mostafa Haghi Kashani

Islamic Azad University ShahreQods Branch Azad University
13 PUBLICATIONS   316 CITATIONS    40 PUBLICATIONS   743 CITATIONS   

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Mostafa Haghi Kashani on 17 September 2022.

The user has requested enhancement of the downloaded file.

Journal Pre-proof

A review on trust management in fog/edge computing: Techniques, trends, and

challenges

Mohammad Nikravan, Mostafa Haghi Kashani

PII: S1084-8045(22)00061-3
DOI: https://doi.org/10.1016/j.jnca.2022.103402
Reference: YJNCA 103402

To appear in: Journal of Network and Computer Applications

Received Date: 1 September 2021

Revised Date: 10 March 2022
Accepted Date: 18 April 2022

Please cite this article as: Nikravan, M., Haghi Kashani, M., A review on trust management in fog/edge
computing: Techniques, trends, and challenges, Journal of Network and Computer Applications (2022),
doi: https://doi.org/10.1016/j.jnca.2022.103402.

This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition
of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of
record. This version will undergo additional copyediting, typesetting and review before it is published
in its final form, but we are providing this version to give early visibility of the article. Please note that,
during the production process, errors may be discovered which could affect the content, and all legal
disclaimers that apply to the journal pertain.

© 2022 Published by Elsevier Ltd.

 A review on trust management in fog/edge computing:
Techniques, trends, and challenges

Mohammad Nikravan*, Mostafa Haghi Kashani

Department of Computer Engineering, Shahr-e-Qods Branch, Islamic Azad University, Tehran, Iran.
E-mail addresses: m.nikravan@qodsiau.ac.ir, mh.kashani@qodsiau.ac.ir
* Corresponding author

of
Abstract

ro
Cloud computing provides software, infrastructure, and platform as services and reduces the cost of usage
for cloud customers. Recently, a system architecture called Fog and Edge Computing (FEC) has been

-p
introduced that fills the gap between cloud and things toward the continuum of service and optimizes
cloud computing resources by processing time-sensitive data near the data generation source at the
re
network edge. Since the FEC environment includes myriad heterogeneous computing nodes, some of the
FEC nodes may be un-trustful or even malicious; therefore, these un-trustworthy nodes could disrupt the
lP

normal activity of FEC in data storing and processing. Consequently, FEC trust management is crucial to
provide trustworthy data processing and improve user privacy. Despite the critical importance of trust
management issues in the FEC, any systematic review in this field has not been performed. This paper
na

presents a systematic review of 74 high-quality articles related to FEC trust management published
between 2015 and July 2021. To this end, selected FEC trust management approaches are categorized into
three main classes: algorithm, architecture, and model/framework. Additionally, this paper discusses and
ur

compares the FEC trust management approaches based on merits and demerits, evaluation techniques,
tools and simulation environments, and important trust metrics. Finally, some open issues and future
Jo

trends for the oncoming studies are highlighted.

Keywords: fog/edge computing, trust management, privacy, Internet of things (IoT), attack, security

1. Introduction
Emerging myriad end devices such as tablets, smartphones, and IoT devices have led to an explosion in
the amount of generated data and changed the way we use services. Many applications such as IoT-based
healthcare systems, smart homes, smart factories, virtual reality, and intelligent transportation systems
need ultra-low latency processing and try to leverage the benefits of cloud computing and IoT such as
data centers, services, storage, and processing facilities [1]. Network latency is an inherent property of the
cloud computing environment that could act as a deterrent and prevent the applications from reaching full
advantages. Additionally, cloud computing could not support the requirements of location awareness and
mobility [2].
Fog and Edge Computing (FEC) is an emerging computing infrastructure that distributes fog/edge
nodes, provides storage and processing resources close to end-users, supports location awareness and
mobility, and overcomes cloud shortcomings [3, 4]. The FEC infrastructure includes context-aware FEC

1
nodes and operates as a substitute for cloud computing services that establish smaller datacenters and
weaker processing centers. The FEC nodes are placed between user devices and centralized cloud servers
and support a communication and data management system. They store and process the latency-sensitive
data at local fog/edge resources near to the end-users and send non-sensitive data to cloud datacenters.
Therefore, it could significantly decrease resource access latency, request-response time, processing time,
network latency, network traffic, and facilitate applications development. However, the existence of the
FEC layer is not mandatory for every system, and different scenarios might have different architectures
based on end-devices functionality requirements [5-7].
In the FEC environment, FEC nodes are the most crucial components since they are responsible for
ensuring user devices' anonymity and privacy. They are the first layer of the network that stores and
processes data of user devices [3, 8, 9]. Since the data contain users’ private and sensitive information,
ensuring the trustworthy of FEC nodes and guaranteeing that they execute only non-malicious processes
are vital to delegate their data processing and storing; therefore, all FEC nodes need to have a sufficient

of
level of trust. Without establishing a trusted environment, attackers could easily start attack scenarios and
compromise FEC nodes; therefore, the nodes are trustless or even may be malicious and could disrupt the

ro
processing of user devices data. It shows that FEC trust management plays a significant role in attracting
users trust to use FEC infrastructure and reinforcing relations between FEC nodes and user devices. The

-p
users should be sure that the FEC infrastructure could correctly store and process the data of user devices
while it provides security and privacy and prevents confidential information leakage [10].
re
Consequently, it is necessary to select trustworthy FEC nodes for data processing and isolate or
exclude the untrustworthy nodes. Due to heterogeneity, mobility, geographical distribution, and large-
lP

scale FEC environment, the traditional trust approaches cannot be directly applied to this environment,
and new adaptable trust management techniques should be applied to improve availability, security, and
privacy and provide trust [2, 11]. The FEC's main objectives of trust management are trust establishment
na

between the FEC nodes, selecting trustworthy FEC nodes by the user devices, and accepting requests
from trustworthy user devices by the FEC nodes. To aim these goals, some trust evaluation methods are
ur

required [12-14]. Usually, trust is defined as the level of confidence between the FEC/user-devices based
on direct and indirect perceptions that could be used to select an FEC node by end node or vice versa [4].
Jo

Since using the FEC is inevitable, and due to the importance of trust management in the FEC
environment, many studies have focused on trust management and security approaches in this field [2].
These approaches particularly focus on proposing algorithm, architecture, or framework/model for trust
management in the FEC environment. Despite the importance of FEC trust management, to the best of
our knowledge, no systematic literature review (SLR) on FEC trust management techniques that covers
trends, open issues, and future dimensions has been done. The novelty of current work is that it is the first
attempt to conduct a systematic literature review on FEC trust management techniques, including a
review protocol based on SLR guidelines. Current SLR defines papers selection process clearly, presents
a comprehensive classification of trust management proposed approaches, covers high-quality papers
published in well-known journals, and finally discusses trends, open issues, and future dimensions of the
subject. An SLR identifies, categorizes, analyzes, and provides a comparative review of state-of-the-art
and enables knowledge transfer in the research community [15-17]. We performed an SLR with the main
objective to identify, taxonomically categorize, and systematically compare the effective and valid
proposed approaches in the context of FEC trust management. Specifically, we conduct a methodological
overview of existing research to answer the following questions:
• What are the main operational motivations to provide trust in the FEC?
• What are the research categories of proposed FEC trust management approaches? Besides, what are

2
 the achievements in this field?
• What are the current approaches, techniques, and tools for trust management in the FEC?
• What are the future challenges and open issues of FEC trust management?
In this regard, we follow the guidelines in [16, 18], provide a systematic identification and taxonomic
classification of trust management techniques in the FEC, and conduct a comparative analysis of the most
efficient approaches in terms of potentials and limitations. To this end, we choose, categorize, analyze,
and compare 74 high-quality-related articles. Briefly, the main contributions of the study are as follows:
• Identifying the different objectives of trust management in the FEC
• Offering an overview of FEC trust management terminologies, principles, and metrics
• Providing a systematic review of FEC trust management approaches and highlighting their
advantages, disadvantages, constraints, and differences
• Categorizing the trust management approaches into three major categories, comprising algorithm,
architecture, and model/framework

of
• Summarizing open issues, research challenges, and problems in the context of FEC trust management
approaches

ro
Fig. 1 illustrates the structure of the paper. Section 2 describes the backgrounds of FEC and trust

-p
management. Section 3 discusses previous surveys and SLRs, and Section 4 provides the adopted
methodology for the systematic literature review. Section 5 detailed selected FEC trust management
re
approaches. Section 6 reports the evaluation of reviewed approaches. Finally, Sections 7, 8, and 9 present
the open issues, threats to validity, and conclusion, respectively.
lP

1. Introduction
na

2. Background
2.1. A common description of FEC 2.2. Trust management in FEC 2.3. Trust metrics in FEC Trust based attacks
ur

3. Related work and motivation

3.1. Review studies on FEC trust management 3.2. The motivations for a secondary study on FEC trust
Jo

4. Research method
4.1. Planning 4.2. Conducting

5. Classification for FEC trust management approaches

5.1. Trust management algorithms 5.2. Trust management architectures 5.3. Trust management framework/models

6. Analysis of results
6.1. An overview of the primary studies 6.2. Research objectives, techniques, and evaluation parameters

8. Vulnerabilities to validity and limitations

9. Conclusion

Fig. 1. The structure of our study

3
2. Background
This section provides an overview of the edge technologies (Section 2.1), then introduces the FEC
paradigm, trust management in the FEC, and evaluation metrics (Sections 2.2, 2.3, and 2.4), and finally,
discusses some trust-based vulnerabilities (Section 2.4).

2.1. Edge technologies

In recent years, various architectures such as mobile edge computing (MEC), cloudlets, micro data
centers, mist computing, fog computing, and edge computing have been introduced based on edge
technology.
• The MEC was introduced for the first time in 2014 [19] and was an industrial design to be used in
virtual machines and mobile networks. MEC is recently referred multi-access edge computing.
ETSI (European Telecommunications Standards Institute) defined MEC as a landscape that

of
presents cloud computing and IT capabilities within the radio access network in 4G/5G [20]. The
MEC is a type of edge computing to provide computational resources in the radio access network

ro
near mobile subscribers. It is employed to enhance context awareness and reduce response time.
Usually, the MEC nodes are located with a Radio Network Controller or a base station in the same

-p
site. The MEC servers are responsible for providing network real-time status information such as
network capacity and loaded tasks, along with information about user devices such as location and
re
data of transactions [21].
• The cloudlet concept aims to use virtual machine technology in cloud computing. With significant
lP

resources and near the mobile devices, the servers employ resources of mobile devices to construct
virtual machines. This multilayer architecture includes cloud, cloudlets, and mobile devices. A
cluster of trusted computers makes a cloudlet that supplies available resources to mobile devices
na

near the cloudlet. Therefore, mobile devices could access available resources with a low response
time and high bandwidth. The micro data-centers are small data-centers that have one or more
ur

servers, are quite functional, and could support several virtual machines [22].
• Similar to the cloudlet, the micro data center can improve reliability and quality of service,
Jo

decrease latency, reduce energy and bandwidth consumption, facilitate service development,
provide low response time; therefore, it could be used by fog computing and other technologies. It
also provides a secure computing environment and a container to encapsulate storage, networking,
and computation within it to execute the user's tasks [23].
• Mist computing is presented to get a more extreme edge of connected devices [24]. This computing
model can be used for dispersed computing at extreme edges where future self-aware and
autonomic systems are considered. Mist computing can be considered as the first computing place
in the IoT-fog-cloud hierarchy. It can be informally referred to as "things computing" or "IoT
computing". IoT devices may be a smart fridge, a smart watch, a mobile device, or wearable. In
mist computing, storage, compute, and networking can be extended across the fog through things
[25].

2.2. Fog/Edge computing

The fog computing and edge computing paradigms, despite some differences, have many similarities that
are considered equivalent in some papers [3, 12, 26]. FEC is a distributed system in which FEC nodes can
be heterogeneous and provide storage and processing resources close to the end-users. The FEC stores
and processes the latency-sensitive data at local fog/edge resources near end-users and sends non-

4
sensitive ones to cloud datacenters [4, 17, 27]. The FEC is a highly virtualized architecture placed
between cloud servers and end-user devices. Similar to traditional cloud computing, the FEC provides
software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS); however,
the FEC is decentralized and processes the data locally near the data sources. It facilitates the deployment
of distributed and latency-aware cloud applications and services [28-30]. End-users can access the FEC
anywhere and anytime using any connectable device to the FEC network.
FEC nodes are the most crucial components in the FEC architecture. They could be either virtual
entities such as virtual machines, switches, and cloudlets, or physical ones such as servers, routers, and
gateways. They are placed between the access network and user devices and provide storage, networking,
communication services, and computation facilities to the user devices. They are the first layer of the
network that stores and processes data of user devices. FEC nodes are location-aware and geo-
distribution-aware [4]. They can operate in a centralized or distributed method; they can operate as single
independent nodes that communicate with each other to deliver services. In addition, clustering of FEC

of
nodes provides horizontal scalability in the case of geo-distribution. To obtain full advantages of FEC, the
FEC nodes should support features such as programmability, heterogeneity, autonomy, manageability,

ro
and hierarchical clustering [31].
The essential characteristics of the FEC paradigm are (i) contextual location awareness and low delay,

-p
(ii) hardware heterogeneity, (iii) dense geographical distribution, (iv) interoperability and federation, (v)
real-time interaction, (vi) support of mobility (vii) scalability and agility of federated and FEC clusters [4,
re
12]. The important factors in FEC architecture design are inter-node communication, efficient resources
usage, trust, and security. The beneficial aspects of the FEC are as follows:
lP

• Providing additional security to user devices and ensuring safety and trustworthiness of transactions
• Improving the agility of large-scale IoT environments
na

• Providing the awareness of clients' objectives to support time-independent and location-independent

decision-making system
• Deploying computing and storage resources and controlling functions
ur

• Minimizing request-response time for the applications that require ultra-low latency using local
Jo

computing resources
• Improving the efficiency of cloud-centric IoT in terms of enhancing performance and reducing
unnecessary costs
• Decreasing resource access latency, processing time, network latency, network traffic, and
facilitating applications development
• Providing a higher quality of service in terms of low energy consumption and fast response time

2.3. Concept of trust management in the FEC

Various definitions [32, 33] have introduced the concept of trust management. Trust is a critical issue in
the nowadays-networked world, and trust management plays a significant role in attracting users to accept
the FEC environment. As shown in Fig. 2, "trust" is the integration of privacy, security, and availability;
thereby, the systems having a higher level of privacy, security, and availability have a higher level of trust
as well. The users require to be sure that the resource and service providers can completely perform the
delegated tasks and provide privacy of users’ confidential information and security of FEC nodes.
Security is the first necessity of establishing trust in the FEC environment; strict authorization and
authentication methods provide security. The authorization is the process of granting users or devices
permissions to access data or resources and prohibits unwanted or malicious access. Implementing access
control methods provides authorization. Authentication is the process of verifying the identity of system

5
entities, including users, devices, and applications, as the most frequent entities of the FEC environment.
It ensures that only legal entities can access the resources.
In practice, the methods such as multi-factor authentication, biometric-based authentication, using smart
cards, assigning unique identifiers to devices, and assigning unique IDs to users, are common approaches
to provide authentication in the FEC environment. Privacy is another basis of trust in the FEC
environment and prevents user confidential information leakage. Privacy is “The right of the person to
determine what information about himself could be disclosed to others and under what conditions”.
Preserving the privacy of users and devices in terms of location, data, and activities in the FEC
environment is mandatory [2]. The availability of offered applications and services is the last important
factor to establish trust in the FEC environment that ensures the services are available and usable in
almost all the operational conditions.
When the FEC nodes join to FEC environment, initially, each node is assigned a predefined default
trust value. Usually, previous experiences and interactions among the nodes are used to compute the trust

of
level of the FEC node. The trust level of nodes is periodically evaluated and updated after each interaction
which indicates the level of trust or distrust between the FEC nodes [34]. During the interactions among

ro
FEC nodes, the FEC nodes should collaboratively monitor their neighboring nodes to detect malicious
behaviors, periodically collect trust information, compute trust value (including direct and indirect trust

-p
value), assess their trustworthiness for future cooperation based on past reputation, and finally publish
trust values across the network [34, 35]. After computing trust values, the nodes with a lower level of
re
trust value assumed untrusted or malicious and isolated from the FEC network; conversely, nodes with a
higher level of trust value assumed trustworthy and selected for storing and processing important tasks in
lP

the future. Availability, security, privacy, reliability, and efficiency are some of the reference criteria for
trust computing and evaluation and node acceptance in the FEC environment [36]. Trust can ensure
reliability, security, and privacy among FEC nodes during the interactions; therefore, an integrated,
na

flexible method is required to establish trust in the FEC. Trust establishment includes defining all trust
relationships, evaluating, presenting, maintaining, and distributing trust value between FEC nodes. Trust
ur

management approaches should be scalable and lightweight in terms of computational time and energy
consumption and should support a variety of completely heterogeneous nodes and subnetworks [37, 38].
Jo

Trust

Security Privacy Availability

Authentication Authorization

Fig. 2. A hierarchical concept of trust in the FEC

6
2.4. The metrics to evaluate FEC trust management approaches
In this paper, the evaluation and analysis of the proposed approaches in FEC trust management are based
on the following parameters:
• FEC Performance: Trust management is a double-edged sword. It selects only trusted FEC nodes to
delegate data storing and processing, therefore, malicious nodes could not disrupt the normal activity
of FEC network and misuse FEC resource, and consequently the performance is increased. The
parameters that have influence on performance are resource utilization, network overhead, energy
consumption, and computation time. However, to provide trust, each FEC node must periodically
perform additional tasks to compute and evaluate trust level of other nodes. This additional process
could affect the overall performance of FEC environment. Therefore, the trust management approach
should generate minimum overhead and enhance the FEC performance.
• Time-relevant parameters: Because the trust management mechanism leaves trusted FEC nodes in
the FEC network and excludes the malicious nodes from the FEC network, local fog/edge resources

of
store and process some amount of data. This prevents sending a huge volume of data to centralized
cloud servers, decreases network latency, response time, and processing delay, and increases the

ro
delivery ratio. However, to provide a trusted environment, the FEC nodes should collaboratively
monitor their neighboring nodes, periodically collect trust information, compute trust values, and

-p
finally publish trust values across the network. After each interaction between FEC nodes,
performing this process could increase time-relevant parameters such as network latency, response
re
time, processing delay, and decrease delivery ratio in the FEC network. Consequently, the trust
management approach should be computationally efficient and generate and transmit the minimum
lP

amount of trust data to reduce time-relevant parameters such as latency [2], [39].
• Accuracy: The trust management approach should accurately evaluate trust and reputation.
na

• Reliability: The reliability guarantees that the network operates correctly without fault and
interruption for a specified period [40]. Enforcing trust management leads to selecting FEC nodes
ur

with a higher level of availability to perform tasks that improve reliability.

• Compatibility/adaptability/ flexibility/ resiliency: Since the FEC nodes and end-user devices
Jo

dynamically join and leave the FEC network, the environment is fully dynamic. Therefore, trust
management methods must be compatible/adaptable with changes and the dynamic context of the
environment [41].
• Verifiability: A trust management approach is verifiable if there is a universal standard to verify the
approach's effectiveness [36]; thereby, the approaches should be verifiable.
• Robustness: The trust management approach is robust if it is attack-resistant, available, and efficient;
the approaches should be robust enough.
• Fog cost/cloud cost: In a trusted FEC environment, fog/edge resources store and process some
amount of data locally near to the end-users which this prevents sending a huge volume of data to
centralized cloud servers, which decreases cloud processing costs, network bandwidth consumption,
and network traffic. Additionally, processing the data by trusted FEC nodes leads to a lower
computational cost in the FEC layer. However, running trust management algorithms causes some
computational and communication overhead; therefore, the trust management approach should be
computationally efficient, generate, and transmit the minimum amount of trust data to reduce
fog/cloud cost [36].

7
 • Integrity: Data integrity guarantees that the correspondences and data content is protected and kept
undamaged while transmitted from sender to receiver [42]. Enforcing authentication and
authorization within trust management improves integrity.
• Availability: The availability ensures that the network provides services even in case of attacks [42].
Trust management approaches isolate FEC nodes with lower levels of availability and save the nodes
with higher levels of availability, which improves the availability of the FEC environment.
• Scalability: Scalability is the ability of the approach to continue working and satisfy the changing
needs while the number of devices, number of users, or geographical scope is changed [43]; due to
the dynamic structure of the FEC environment, the trust management approach should be scalable.

2.5. Trust based attacks

The FEC environment is vulnerable to a variety of attacks. However, some of the attacks are specific to

of
trust management systems and can affect the entity's reputation. The followings are a concise introduction
of these attacks:

ro
• Hidden data attack: The hidden data attack is a type of internal attack at the data level, in which
malicious nodes normally communicate with other communication parties, but they cause the user to

-p
make wrong decisions by providing incorrect data [44].
• Bad mouthing attack: A common attack against trust management systems, in which some colleague
re
nodes propagate false negative information about honest nodes to reduce the reputation of honest
lP

nodes [45].
• Edge node attack: Malicious edge nodes launch this type of attack that can violate the data integrity.
na

• Collision attack: In a collision attack, several malicious nodes collaborate to decrease or increase the
trust value of other FEC nodes [46].
ur

• Handoff attack: Handoff is the process of end device movement from one place to another and
looking for a new FEC sink. During this process, some nodes may change to malicious nodes.
Jo

Additionally, an attacker may collaborate with a malicious user to perform some malicious activities,
consume network resources, and degrade network performance [59].

3. Motivations and related works

This section explores the systematic reviews and surveys carried out on the FEC trust management
subject. This way, Section 3.1 systematically reveals the absence of pervasive reviews, defects, and
advantages of existing reviews. Then, Section 3.2 defines the motivations of the current study according
to a systematic search protocol.

3.1. An overview on investigations on FEC trust management

Table 1 summarizes the investigations on FEC trust management, including SLRs and surveys.
3.1.1. Surveys
Yan, et al. [47] studied trust properties and IoT trust management goals and surveyed the literature that
provides trustworthiness in IoT. Additionally, they summarized open issues and research challenges;
however, the review focus was on IoT. The authors neither conducted the review systematically nor
defined the process of paper selection as well publication years of reviewed papers. Noor, et al. [48]

8
comprehensively focused on the trust management problem in the cloud, described trust management
features, identified the characteristics of trust, classified trust management approaches, and proposed a
general analytical framework to evaluate the cloud trust management system. However, the review focus
was on the cloud. The authors did not conduct the review systematically did not define the process of
paper selection and publication years of reviewed papers.
Furthermore, Guo, et al. [49] categorized proposed trust evaluation models for service management in an
IoT environment according to five essential design dimensions. Additionally, they summarized the cons
and pros of IoT trust calculation models, identified the most impressive trust calculation approaches, and
provided open issues. However, the review focus was on IoT; the authors neither conducted the review
systematically nor defined the process of paper selection. In addition, publication years of reviewed
papers were between 2011 and 2016. Zhang, et al. [2] indicated trust and security issues related to fog
computing, comprehensively reviewed the literature focused on these issues, and taxonomically
categorized proposed approaches. Finally, they mentioned trust and security research trends; however, it

of
was not a systematic review. The authors did not define the process of paper selection, and publication
years of reviewed papers were between 2014 and 2018.

ro
Din, et al. [50] extensively analyzed the most relevant IoT trust management approaches, highlighted
cons and pros, and provided a description of the approaches. However, the review focus was on IoT; the

-p
authors did not present any classification and open issues, did not conduct the review systematically and
described how they selected the papers as well publication years. Ahmed, et al. [51] proposed a cloud-to-
re
cloud trust model and a comprehensive study of existing trust management systems that showed
shortcomings in providing cloud-to-cloud trust requirements. Additionally, they showed that adapting
lP

current approaches to the nature of cross-cloud federation could solve some challenges. However, the
review focus was on the cloud; the authors neither conducted the review systematically nor defined the
process of paper selection as well publication years of reviewed papers.
na

Ahmed, et al. [52] presented a classification of trust management approaches in IoT based on important
trust parameters, including trust metrics, trust properties, trust levels, and trust attacks. Additionally, they
ur

reviewed recent papers focusing on trust and reputation in the IoT paradigm and highlighted open
research challenges. However, the review focus was on IoT; the authors did not conduct the review
Jo

systematically did not define the process of paper selection. Altaf, et al. [53] presented a categorization of
trust-related attacks, compared and categorized current trust models based on IoT attacks and operational
requirements, and designed a conceptual framework to determine future research directions. However,
this survey was focused on IoT; the authors neither conducted the review systematically nor defined the
process of paper selection.
Sharma, et al. [54] presented a clear view and comprehensive survey of IoT trust management systems
along with their phases, capabilities, and limitations. They identified different trust management
applications and evaluated designing and establishing problems of IoT trust management. Finally, future
research directions and open issues were provided. However, the review was relevant to IoT and was an
unsystematic one; the authors did not define the process of paper selection as well publication years of
reviewed papers. Muzammal, et al. [55] classified IoT network routing protocol attacks, reviewed recent
attempts to secure IoT applications and IoT routing protocols, presented a classification of trust metrics
and trust models and their importance on IoT network security, and described trust evaluation methods.
Finally, the open issues and future trends were included; however, the authors focused on IoT and
conducted it unsystematically without defining the process of paper selection.
Alwarafy, et al. [56] provided a categorization of vulnerabilities and attacks in edge computing-assisted
IoT models and discussed applicable approaches at different network layers to provide security, privacy,

9
and counter-attacks. They surveyed recent attempts relevant to privacy and security in the context of the
edge computing-assisted IoT model and classified them based on security goals. Finally, privacy and
security-related open challenges were outlined; however, the review was not systematic, the authors did
not mention how they select the papers as well publication years. Fortino, et al. [5] described the basic
aspects of trust management solutions in IoT domains and discussed how traditional trust techniques
could be employed in IoT environments. They considered intelligent agents technology to add social
behavior to smart objects community, analyzed current IoT architectures, and proposed architectures to
model trust in the IoT domain. However, the review related to IoT, and the authors neither conducted the
review systematically nor defined the process of paper selection as well publication years of reviewed
papers.
Table 1. A summary of related review investigations on FEC trust management
Review Ref. Main topic Publication Paper Classification Open Covered year
type year selection issues
process

of
[47] Trust management for the IoT 2014 Not defined Yes Presented Not defined
Research challenges of trust Not
[48] 2016 Not defined Yes Not defined

ro
management in the cloud presented
Trust frameworks for service
[49] 2017 Not defined Yes Presented 2011-2016
management in IoT

-p
Trust and security issues in fog
[2] 2018 Not defined Yes Presented 2014-2018
computing
Trust management approaches Not
[50] 2019 Not defined No Not defined
re
for the IoT presented
A survey and Requirement
[51] Analysis of trust evaluation in 2019 Not defined Yes Presented Not defined
lP

Cloud
Surveys
Reputation and trust
[52] 2019 Not defined Yes Presented 2011-2018
management for the IoT
[53] Trust models for the IoT 2019 Not defined Yes Presented 2011-2018
na

Trust management schemes and

[54] 2020 Not defined Yes Presented Not defined
applications for the IoT
Mitigation methods and trust-
[55] based approaches for secure 2020 Not defined Yes Presented 2015-2020
ur

routing in IoT
Privacy and security challenges
[56] 2020 Not defined Yes Presented Not defined
in edge computing-assisted IoT
Jo

State of the art on trust and

[5] 2020 Not defined Yes Presented Not defined
reputation in the IoT
Trust establishment and
[57] 2019 Defined Yes Presented 2010-2018
assessment in cloud services
Trust Management approaches
[39] 2019 Defined Yes Presented 2011-2018
in the IoT
Trust-based recommendation
SLRs [58] 2019 Defined Yes Presented 2011-2018
systems in IoT
Trust management in social
[59] 2020 Defined Yes Presented 2003-2019
Internet of Things
Our Trust management in fog/edge
- Defined Yes Presented 2015-2021
study computing

3.1.2. SLRs
Mahmud and Usman [57] conducted an SLR to introduce and categorize recent researches relevant to
trust evaluation and trust deployment techniques in cloud services. Additionally, they highlighted the cons
and pros, and trust metrics of proposed studies. Finally, many potential future research directions were
identified; however, this review was focused on cloud services and covered the papers published between
2010 and 2018. Pourghebleh, et al. [39] classified IoT trust management approaches into four categories,
including reputation-based, prediction-based, recommendation-based, and policy-based, through
conducting a systematic literature review. In addition, the pros, cons, and differences of techniques were
presented, and important evaluation metrics, principles, and terminologies in the context of IoT trust

10
management were introduced. Finally, future research challenges were explored. However, this review
was focused on IoT, and covered the papers published between 2011 and 2018.
Mohammadi, et al. [58] presented an SLR of trust-based IoT recommendation techniques. According to
extracted parameters, the existing techniques were categorized into three classes, including the physical
layer, network layer, and application layer. Additionally, the advantages and disadvantages of the
techniques were introduced, important trustworthiness factors were discussed, and open research issues
were highlighted. However, this review was focused on IoT and covered the papers published between
2011 and 2018. Chahal, et al. [59] presented a holistic vision of trust management focusing on social IoT,
discussed trust evaluation metrics specific to the social IoT environment, investigated the relationship
between social IoT objects, and compared and categorized existing trust management models based on
management process, evaluation factors, and goals. Future open issues were also included; however, this
review focused on social IoT and covered the papers published between 2003 and 2019.

of
3.1.3. Concluding remark
The previous SLRs [39, 57-59] have not comprehensively investigated the FEC trust management

ro
approaches. Mahmud and Usman [57] focused on trust management approaches in cloud services
presented until 2018. Pourghebleh, et al. [39] studied IoT trust management approaches published until

-p
2018. Mohammadi, et al. [58] presented an SLR on trust-based IoT recommendation techniques and
covered the papers published between 2011 and 2018. Chahal, et al. [59] presented a holistic vision of
re
trust management focusing on social IoT and studied the papers published between 2003 and 2019.
Among the studied reviews, the closest works to ours are [2, 56]. However, the authors neither conducted
lP

the reviews systematically nor defined the process of paper selection. Additionally, the former focused on
fog and did not include recently published papers, and the latter focused on edge. In the contrary, our
work is a systematic literature review that includes both fog and edge trust management approaches, and
na

comprehensively covers recently published papers until July 2021. Consequently, to the best of our
knowledge, our SLR is the first attempt to explore FEC trust management approaches until 2021.
ur

3.2. The motivations to conduct a second investigation on FEC trust management approaches
Jo

The SLR's motivations are to identify, classify, and evaluate current solutions for FEC trust management.
It generally tries to categorize and compare the current solutions in this subject. Applying the below
search string, we searched Google Scholar to show that there is not any comprehensive SLR on FEC trust
management until 2021:
( fog <OR> edge <OR> cloud <OR> IoT <OR> “Internet of Things”)
[AND]
(study <OR> review <OR> overview <OR> survey <OR> trends <OR> challenges <OR>“state of the art”)
Previous reviews before July 2021 did not classify trust approaches taxonomically and analytically to
clarify future works of FEC trust management. Table 1 summarizes the proposed reviews in terms of the
type of review, main subject, year of publication, the process of paper selection, classification, future
work, and years of reviewed articles. As seen, the reviews have not used SLR guidelines to investigate
FEC trust management approaches until 2021 (as described in Section 3.1.3). Therefore, this review is the
first attempt to use SLR guidelines to study FEC trust management approaches until July 2021. Due to the
above-mentioned reasons, we have conducted this study comprehensively to remove the following
defections:
• Most of the studied review papers did not focus explicitly on trust management techniques in the FEC

11
 environment. Most of them focused on trust management in IoT or the cloud environment, whereas
this paper specifically focuses on trust management approaches.
• Some reviews did not present a classification of FEC trust management approaches; however, the
current work explicitly presents a figurative classification of FEC trust management approaches.
• The current work investigates recently published articles; in contrast, most previous reviews covered
the papers published before 2019.
• Some of the reviews were conducted without following specific guidelines, and the process of paper
selection was undefined.
• Some of the reviews did not study evaluation metrics of FEC trust management, whereas the current
study presents evaluation metrics and evaluation types.
• Some of the reviews did not mention evaluation tools of FEC trust management, whereas the current
study explicitly mentions evaluation tools.

4. Research methodology

of
Unlike the ordinary review process, an SLR [16] applies a precise and strict sequence of research steps to

ro
review kinds of literature, and first, it originated from the medical field. Generally, as depicted in Fig. 3,
the SLRs use well-defined procedures for identifying, analyzing, and synthesizing the results of papers

-p
relevant to a specific subject [15, 16] and answering the pre-specified research questions related to the
subject. Therefore, in this work, the SLR guidelines are used to design a three-phase review protocol,
re
including planning, conducting, and documenting. To conduct this study, the results of each phase are
externally evaluated. An explicit taxonomy of the reviewed articles is offered, which is a basis for an
lP

analogical analysis of research based on our analysis features included in external assessments. The
systematic review is performed by summarizing the planning and conducting phases. The summary of
extracted data from reviewed articles is presented in Section 5; additionally, the implications and findings
na

of the research are presented in Section 6.

ur
Jo

Fig. 3. An overview of our research methodology

12
4.1. Planning phase
The planning phase starts with introducing the SLR method motivations and leads to building a
protocol for reviewing, as introduced below:
4.1.1. Introducing the SLR motivations: Section 3.2 identifies and discusses the contributions and
motivations of the current SLR.
4.1.2. Specifying research questions: The research questions determine the motivations of our SLR, and
answering the questions gives us a review of FEC trust management approaches based on evidence. Since
this study aims to conduct a systematic literature review on FEC trust management techniques, we define
four research questions (RQs) to illuminate the foundations for achieving the search strategy for literature
extraction. The motivation of SLR outlines the goal of studying each question. A comparative analysis
allows analyzing the total impact of research presented in terms of comparison aspects. The purpose is to
define, discuss, and highlight the subjects most relevant to FEC trust management, such as challenges,
approaches, privacy, security, energy consumption, computational time, availability, and scalability.

of
Table 2 shows the research questions:

ro
Table 2. Research questions
Research Question

-p
RQ1: What are the main operational motivations to provide trust in the FEC?
RQ2: What are the research categories of proposed FEC trust management approaches? Besides, what are the
re
achievements in this field?
RQ3: What are the current approaches, techniques, and tools to provide trust management in the FEC?
lP

RQ4: What are the FEC trust management's future challenges and open issues?
4.1.3. Describing and evaluating the protocol of review. Following the guidelines in [16] and according to
na

our previous SLRs [13, 60-69], we proposed a review protocol and applied it to conduct this study
systematically. This protocol comprises a set of research questions, the process of selecting primary
articles, and data extraction introduced in Sections 4.1.2, 4.2.1, and 4.2.2. According to the aims, the
ur

research questions and scope of the study were defined to obtain the search string used in literature
extraction. As presented in [70, 71], the protocol first was externally evaluated and then was executed. An
Jo

external expert, having experience conducting SLR in a context near FEC, evaluated the review protocol
and gave feedback; finally, the given feedback was applied to the review protocol. Aiming to reduce the
bias among researchers and improve the data collection procedure, we conducted a pilot SLR on 20% of
included articles. During this pilot study, the scope of the study was extended, search strategies were
progressed, and the inclusion/exclusion criteria were fine-tuned.

4.2. Conducting phase

Conducting is the second phase of the SLR methodology that initiates with article selection and
continues with data extraction and synthesis. The following introduces the search process and way to
select articles based on the SLR method:
4.2.1. Selecting primary articles: This subsection aims to present the methods of searching and
selecting articles in conducting phase. Choosing the articles includes two steps as follows:
• Initial selection: To identify all papers about FEC trust management approaches initial search was
done based on the paper title, abstract, and keywords among the IEEE, ScienceDirect, Springer,
ACM, Wiley, and Google Scholar databases for published papers from 2015 to July 2021. The
initial search, based on the search string, returned 1296 papers related to FEC trust management

13
 from conference proceedings, thesis, book chapters, and journals. Table 3 shows the numbers of
related papers in the IEEE, ScienceDirect, Springer, ACM, Wiley, and Google Scholar databases.
Google Scholar was used as the main search engine along with the following search string:

(fog <OR> edge) <AND> (trust <OR> trustworthy <OR> trustworthiness <OR> mistrust <OR> distrust)

Table 3. Number of total studies

No Database Result
1 IEEE 513
2 ScienceDirect 134
3 Springer 240
4 ACM 91
5 Wiley 183
6 Google Scholar 135
Total 1296

of
• Final selection: To ensure that high-quality and most relevant papers are selected, some

ro
inclusion/exclusion criteria were defined, all the 1296 extracted articles were examined, and the
inclusion/exclusion criteria were applied to them. As shown in Table 4, these criteria exclude the

-p
papers that do not focus on our objective and keywords. Finally, we completely reviewed the
remained papers and based on the entire text and quality of the paper, the 74 papers that are directly
re
relevant to FEC trust management were chosen as our final study. Figure 4 depicts this process.
Table 4. Inclusion and exclusion criteria
lP

Criteria
• The papers focusing on FEC trust management techniques
Inclusion
na

• The papers published from 2015 to July 2021

• The papers out of FEC trust management techniques scope
• Non-English papers and non-peer-reviewed papers
ur

Exclusion • Editorials and editorial notes

• Commentaries or survey papers
Jo

• Thesis and short papers reports, books, and book chapters

4.2.2. and 4.2.3. Extracting and synthesizing data: Following the guidelines in [16, 71], first, the data
from mentioned online databases were taken, then a structural template according to the features of
characterization was determined to record the data obtained from selected articles. The FEC trust
management approaches were studied, the capabilities and limitations were investigated, the benefits and
defects of the proposed research were analyzed as an organized comparative analysis in Sections 5 and 6.
Finally, directions for future research, as collective research impact, were presented in Section 7.

Inclusion/exclusion
Criteria

Initial selection
Search Final selection
based on
term based on full
title, abstract
text
& key words

IEEE, Science Direct,

Springer, ACM, Wiley,
Google Scholar
Result = 1296 Result = 74

Fig.4. The primary study selection process

14
4.3. Documenting
The aim of this phase is to document the observations. To this end, the results were analyzed and
compared to answer research questions and present final reports in Sec. 6. After documenting the
findings, vulnerabilities to validity and limitations of the current study were explained in Sec. 7.

5. Classification for FEC trust management approaches

This section introduces the 74 selected articles and discusses the approaches' specifications, differences,
advantages, and disadvantages. Since the literature on trust management in fog environments is widely
diverse, arranging a systematic study is difficult. Because most of the FEC trust management researchers
have tried to tackle the issue by proposing algorithm, architecture, or framework/model, categorizing the
selected approaches into three classes, including algorithms, architectures, and frameworks/models, is a
natural choice.

of
5.1. FEC trust management algorithms

ro
This category includes the papers that propose an algorithm to manage trust in the FEC environment,
considering a general architecture. Generally, the proposed algorithms were evaluated through simulation.

-p
Subsection 5.1.1 discusses, analyzes, and compares FEC trust management algorithms. Then, subsection
5.1.2 summarizes the information captured from reviewed papers and compares them.
re
5.1.1. A review on selected FEC trust management algorithms
This subsection reviews the articles relevant to FEC trust management algorithms including [72], [44],
lP

[73], [74], [75], [76], [77], [78], [79], [80], [81], [82], [82], [73], [83], [83], [84], [85], [86], [87], and
[88].
na

Dewanta and Mambo [72] proposed an approach based on bidding price transaction and constructed a
trusted vehicular fog computing in a rural area. Using this approach, the vehicles had to gain a certificate
ur

before entering a rural area, and only registered vehicles were able to provide vehicular fog computing
services with authorized entities. Thereby, it protected against anonymous outsider attacks; however, the
Jo

vehicles were not honest in reporting their transactions. Zhang, et al. [44] presented a multi-layer trust
evaluation mechanism including the preliminary decision, data analysis, and direct trust. The mechanism
protected against hidden data attacks and guaranteed the validity of information from WSNs; however, it
needed improvement to satisfy complicated situations.
Wang, et al. [73] designed a data collection protocol and constructed a trust model for fog nodes that
used some trust evaluation metrics to evaluate the sensor nodes. The model effectively filtered out
untrusted nodes, avoided visiting unnecessary sensors, avoided collecting untrusted data, reduced node
delay and energy consumption, and extended network lifetime. However, the authors did not consider the
required running time of the algorithm and its effect on performance. Wang, et al. [74] provided a trust
communication mechanism in sensor-cloud systems. The mechanism established a universal trust model
based on the sensors' communication history, computed the trust value of communications by fog nodes,
detected untrusted nodes, and denied access of untrusted nodes to resources. Thereby this approach
enhanced the compatibility, verifiability, and accuracy of trust evaluation. However, the authors did not
consider heterogeneity and scalability.
Fang, et al. [75] proposed a trust management system for fog-assisted industrial WSNs that tried to
establish a trade-off between energy consumption, security, and performance to select the trustworthy
next node in the routing process effectively. Therefore, it defends against bad-mouthing attacks and

15
enhances security and network survivability, considering transmission performance, energy consumption,
and load balancing. However, the authors should evaluate the scalability of the system. Cinque, et al. [76]
exploited the blockchain security feature (employing a set of fog nodes to collect, process, and propagate
trust assessment of sensor nodes) and constructed a secure, resilient, decentralized, and energy-efficient
approach trust management scheme for the IoT. However, the simulation or implementation was not
performed, and the approach worked only if the sensor nodes were consistent among themselves.
Rahman, et al. [77] proposed a trust evaluation method using fuzzy logic. They discussed a campus
scenario, and their contribution was determining the best configuration of the fuzzy logic algorithm and
using it to evaluate trust based on three measures: reliability, distance, and latency. However, it was
interesting to consider other possible trust evaluation metrics of fog, such as security, energy
consumption, and mobility. Gao, et al. [78] proposed a lightweight multidimensional trust evaluation
algorithm that addressed the edge device trust evaluation problem in a service-oriented IoT environment.
The proposed algorithm improved the reliability, adaptability, robustness, and credibility of the IoT edge

of
environment. However, the algorithm needed more enhancements to provide a trust update model and
optimize the aggregation mechanism that amplifies flexibility.

ro
Yuan and Li [79] presented a lightweight and reliable multi-source trust evaluation algorithm for IoT
edge devices that countered against malicious service providers' bad-mouthing attacks. Experimental

-p
results showed that it is computationally efficient and reliable; however, it lacked any incentive
mechanism, which may prevent the IoT devices from successfully accepting and cooperating with other
re
IoT devices and suffered from un-scalability. Wang, et al. [80] proposed a trust evaluation mechanism
based on crowdsourcing and a hierarchical trust management scheme based on mobile edge nodes for
lP

trust evaluation in cyber-physical and cloud computing systems. The proposed approach efficiently
improved the accuracy of trust evaluation. However, the crowdsourcing network is vulnerable in terms of
privacy and security based on inherent features of social computing.
na

Xu, et al. [81] proposed a trust-oriented IoT service placement algorithm for smart cities. The algorithm
preserved IoT devices' privacy and placed IoT services on the edge-computing units considering resource
ur

usage, load balancing, and power consumption. However, the authors should extend the algorithm to real-
world scenarios and propose a method to quantify privacy preservation. Qureshi, et al. [82] presented a
Jo

mechanism based on trust evaluation that calculated indirect and direct trust, identified internal attacks,
detected malicious nodes, and isolated them. Therefore, it improved privacy and security.
Qureshi, et al. [82] leveraged black-white-list and proposed an intelligent mechanism to compute trust
value based on intelligent devices and edge centers and select trusted communication parties, thereby
enhancing QoS of edge computing for IoT in the smart cities. Wang, et al. [73] proposed a trust-aware
task offloading algorithm for video surveillance in edge computing enabled Internet of vehicles. The
algorithm increased the trustworthiness and quality of video surveillance services, minimized the services'
response time, achieved edge nodes' load balance, and preserved privacy. Xiao, et al. [83] presented a
mobile edge computing (MEC) trust mechanism based on blockchain to counter faked service record
attacks and selfish edge attacks. Additionally, they designed a processor allocation algorithm based on
reinforcement learning to evaluate edge devices' computational performance and minimize the processors'
offload task.
Xiao, et al. [83] considered important factors impressing trust evaluation in resource requests in
dynamic environments and proposed a multi-property algorithm to evaluate edge-computing trust,
determine edge device reliability, and provide trustworthy services for users. Then, using a data-driven
capsule network, they analyzed the relationship between trust properties and offered trust prediction.
Simulations showed the low convergence time and high rate of malicious node detection; however other

16
parameters such as scalability were not considered. Priyadarshini, et al. [84] used subjective logic and
logistic regression and presented a method to assess the trust between fog nodes in fog computing.
Simulations showed the accuracy and efficiency of the proposed method; however, important trust
evaluation issues were not considered. Hallappanavar and Birje [85] combined user similarity and
multiple source trust computation and designed a method based on IoT devices trustworthiness to predict
QoS for service recommendation. It permitted IoT devices to choose trustworthy and reliable fog nodes
and the most appropriate services that fully fit their needs.
Zhou, et al. [86] proposed an efficient, distributed, and context-aware content caching method for the
mobile edge computing environment. The proposed method used a trust evaluation factor to select
reliable neighbor edge nodes that ensured trustworthiness. In addition, it maximized caching hit rates
using different users' contextual information and provided an extendable size of caching nodes that
improved scalability and performance. However, the authors had to improve the security and privacy of
cached content. Zhang, et al. [87] integrated user trust requirements, QoS, and Network Function

of
Virtualization (NFV) sharing, formulated the problem as an integer linear program and designed an
efficient heuristic algorithm for service caching and throughput maximizing in a mobile edge cloud

ro
environment, considering trust issue. Simulations showed higher system throughput. However, its
scalability for large size networks was somewhat undesirable. Meena, et al. [88] proposed a computing

-p
offloading approach with trust enforcement, including two algorithms. The former efficiently offloaded
the services, balanced the load, and reduced the tasks response time using parallelism. The latter
re
calculated trust; thereby, only trustworthy applications were offloaded to the trusted nodes; therefore, it
provided security of service requests and countered with malicious nodes.
lP

5.1.2. A summary of FEC trust management algorithms

Briefly speaking, this category aims to provide a scalable and adaptive algorithm compatible with the
na

heterogeneity of the FEC environment; however, some algorithms have forgotten to consider some
important parameters. Table 5 and Table 6 summarize a comparison of reviewed algorithms.
ur

Table 5. Specifications of selected algorithmic approaches

Article Main idea Evaluation Tool Advantage Disadvantage
Jo

technique
[72] Proposing a bidding price-based Simulation Not mentioned • High security • Low reliability
approach to construct a trusted • Low
vehicular fog computing in a rural authenticity
area
[44] Protecting against hidden data Simulation MATLAB • High validity • Low Scalability
attacks by combining fog • High security • Low reliability
computing and a trust evaluation
mechanism and designing an attack
detection system.
[73] Designed a data collection protocol Simulation MATLAB • High trustworthiness • Low Scalability
based on fog computing to evaluate • Low node energy • Low reliability
the sensor nodes trust and plan the • Low delay
routing path for the mobile fog • High network lifetime
node.

[74] Employing fog nodes and forming Simulation MATLAB • High accuracy • Low
a multiple linear regression • Low energy heterogeneity
problem to facilitate trust • High compatibility • Low scalability
evaluation computations and solve • High verifiability
the trust communication problem
in sensor-cloud systems
[75] Using Gaussian distribution to Simulation MATLAB • High security • High
propose a trust management-based NS2 • Low energy consumption computation
routing algorithm for fog-assisted • High performance cost
industrial WSNs • High load balancing

17
Article Main idea Evaluation Tool Advantage Disadvantage
technique

[76] Exploiting blockchain security Not performed Hyperledger • High performance • Low node's
guarantees to construct a secure, • High security consistency
decentralized, and energy-efficient • High resiliency
trust management scheme for the
IoT.
[77] Using fuzzy logic to evaluate trust Simulation MATLAB • High accuracy • Low mobility
value based on three measures, • High reliability
namely reliability, distance, and • Low latency
latency
[78] Lightweight multidimensional Simulation MATLAB • High reliability • Low scalability
algorithm to evaluate trust in IoT NetLogo • High adaptability
service-oriented environment • Lightweight computations
• High credibility
• High robustness
[79] A trust evaluation algorithm for Simulation NetLogo • High reliability • Low scalability
IoT edge devices to counters • Lightweight computations
against bad-mouthing attacks • Bad-mouthing attack

of
resistant
[80] A hierarchical edge-based Simulation MATLAB • High accuracy • Low security

ro
mechanism to evaluate trust in • High efficiency • Low privacy
cloud computing and cyber- • Low cloud's total cost
physical systems

-p
[81] A Trust-Oriented IoT Service Simulation Not mentioned • High efficiency • Low scalability
Placement for Smart Cities in Edge • High reliability
Computing • High load balancing
re
• High privacy
[82] A mechanism to calculate trust and Simulation OMNET++ • High trustworthiness • Low scalability
identify attacks • High performance • Low security
lP

• High accuracy
• High data delivery ratio
• Low delay
na

• High privacy
[82] An algorithm to calculate trust and Simulation Not mentioned • High performance • Low accuracy
select trusted communication • High trustworthiness
parties • High scalability
ur

[73] A trust-aware task offloading Simulation Not mentioned • High resource utilization • Low security
algorithm for video surveillance • High privacy • Low scalability
services • High load balancing
Jo

[83] A blockchain-based algorithm to Simulation Ethereum • High resource utilization • Low privacy
improve trust in the MEC • High performance • Low security
environment • Low latency • Low scalability
• Low energy consumption
[83] A multi-property algorithm to Simulation EdgeXFoundry • High detection rate • Low security
evaluate edge-computing trust and • Low convergence time • Low scalability
provide trustworthy services • High efficiency
• High accuracy
[60] A method to assess the trust Simulation iFogSim • High efficiency • Low scalability
between fog nodes in fog • High accuracy
computing
[85] A method to predict QoS for Simulation Python 3.7 • High credibility • High latency
service recommendation in IoT • High accuracy • Low scalability
environment • High reliability
• High trustworthiness
[86] An efficient, distributed, and Real testbed MovieLens • High performance • Low privacy
context-aware content caching dataset • Low computational cost • Low security
method for a mobile edge MEC network • High load balancing
computing environment • High trustworthiness
• High scalability
[87] A solution for service caching and Simulation Not mentioned • High performance • Low scalability
throughput maximizing in a mobile • High throughput
edge cloud environment, • Low delay
considering trust issue • Low resource usage
[88] A computing offloading approach Simulation MATLAB • High security • Low privacy

18
 Article Main idea Evaluation Tool Advantage Disadvantage
technique
with trust enforcement for a fog • Low latency
computing environment • High trustworthiness

Table 6. A comparison of proposed FEC trust management algorithms

Computation cost

Network lifetime
Trustworthiness

Load balancing

Compatibility
Performance
Robustness

Scalability
Reliability
utilization
Accuracy

Resource
Security

Privacy

Energy
Delay
Article

[72] *
[44] *
[73] * * * *
[74] * * *

of
[75] * * * * *
[76] * *

ro
[77] * * *
[78] * * *
[79] * * *

-p
[80] * * *
[81] * * * *
[82] * * * * *
re
[82] * * *
[73] * * *
[83] * * * *
lP

[83] * * * *
[60] * *
[85] * * *
na

[86] * * * * * *
[87] * * *
[88] * * *
ur

5.2. FEC trust management architectures

Jo

This category includes the papers that propose architecture without providing an algorithm to manage
trust in the FEC environment. Generally, the evaluation techniques of proposed architectures were Real
testbed or simulation. Subsection 5.2.1 discusses, analyzes, and compares the FEC trust management
architectures. Then, subsection 5.2.2 summarizes the information captured from reviewed papers and
compares them. Before reviewing the FEC trust management architectures, we present a generic
architecture of trust management systems, as shown in Fig. 5.
As shown in Fig. 5, the generic structure of trust management architecture includes cloud servers, FEC
nodes, and user devices in the FEC environment. The user devices could be fixed place devices such as a
smart fridge, smart TV, surveillance camera, or user-mobile devices such as smart wearable devices,
smart vehicles, and smartphones. The connections between a cloud server and FEC nodes are assumed to
be trustworthy, and establishing trust over these connections is out of the scope of this paper. Once a user
device sends a service request connection to an FEC node, the FEC node requires ensuring that the
requesting user device is trustworthy and not a malicious one. To this end, the FEC node computes the
trust value of the user device based on its own direct observations, past reputations, and indirect trust
reported from neighboring FEC nodes. If the user device is evaluated as trustworthy, the request is
accepted. In addition, the FEC node stores the trust value of the user device for future uses and propagates
it to any FEC requesting node.

19
 On the other hand, once a user device request is accepted, the user device requires to be sure that the
FEC node is secure, trustworthy, and can provide the requested service. To this end, the user device uses
its own direct trust value and indirect trust value (recommendations reported from neighboring FEC
nodes) to compute trust value and evaluate the trustworthiness of the FEC accepting node. The connection
is established if the FEC node is trustworthy; otherwise, it is aborted. Additionally, the trust value of the
FEC node is stored in the user device for further uses and is sent to neighboring FEC nodes by the user
device.

FEC Node to FEC Node Connection FEC Node to End User Connection

Cloud Servers

of
ro
-p
re
FEC Nodes
lP
na
ur
Jo

User Devices

Fig. 5. A generic structure of trust management architecture

20
5.2.1. A review on selected FEC trust management architectures
This subsection reviews the articles relevant to FEC trust management architectures including [89], [90],
[91], [92], [93], [94], [95], [96], [97], [98], [99], [100], and [101].
Kahla, et al. [89] presented a self-configuring trustworthy fog architecture using moving target defense
and intrusion detection system. It provided fog trust and security, mobilized the applications inside fog
using live migration, and improved the survival probability of mobile applications. However, the
migration of applications inside the fog decreased the availability of applications. Tur and Homsi [90]
proposed architecture to provide end-to-end trustworthiness of data in cloud/fog computing. The
architecture determined the trustworthiness criteria of nodes using an improved attribute-based access
control model and evaluated the trustworthiness. The architecture enhanced system performance.
However, the authors did not consider users' mobility, scalability, and privacy issues.
Kochovski, et al. [91] proposed a decentralized trust architecture for IoT environments using
independent blockchain-based services. The proposed architecture certified and monitored the users, IoT

of
data sources, and fog nodes. Additionally, it obtained trust attributes, established trust relationships

ro
among entities, services, and stakeholders of the platform, and achieved high QoS in the operation of
smart applications. However, due to a large number of transactions, the network performance was under
question. Gao, et al. [92] proposed a trustworthy architecture for cloud/edge that evaluated the credibility

-p
of edge devices, processed raw interaction data, and explored trust features executed in edge devices.
Experiments showed its accuracy and significant speed; however, due to its centralized cloud-
re
investigating module, the proposed architecture was less scalable and less reliable.
lP

Xu, et al. [93] introduced a trust evaluation mechanism that determined the reliability of edge nodes,
provided optimal edge node selection by users to cache the contents, improved the quality of experience
of mobile users, and prevented malicious edge node attacks. However, since the edge nodes cache
na

contents of mobile users, users' privacy was vulnerable. Xia, et al. [94] designed a storage model and
proposed a trust-oriented data access strategy for this model that was applicable for edge storage in IoT.
ur

Simulations showed that the proposed approach was data robust, highly secure, computationally
lightweight, and realized data recovery and sharing. Daoud, et al. [95] presented a distributed access
Jo

control architecture based on cooperation between fog and IoT nodes. The architecture included a
monitoring scheme to guarantee secure collaboration between operational parties and various resources.
The architecture was highly secure, privacy-aware, and had low latency; however, fog nodes' mobility
was not considered. Jiang and Tseng [96] focused on using a base station server in mobile edge network
environments. Using mobile edge computing, they proposed a complete trusted mechanism for data
transmission by the base station node. The proposed mechanism improved trust in data transmission.
However, some issues such as energy consumption, transmission latency, and computational time were
not considered.
Junejo, et al. [97] formulated the trust computation as a statistical regression problem based on multi-
factor trust parameters. They proposed a generic trust credibility model and a trust management system
for fog-enabled cyber-physical systems. Experiments showed that the proposed approach detected data
anomalies, prevented compromised nodes' malicious behavior, and countered with collusion attack.
Haghighi, et al. [98] proposed a distributed public key management architecture in which IoT devices
smartly decided whether to search fog/edge or cloud for key material. In addition, the architecture
collaboratively delivered the fog server's revocation list; thereby, it linked IoT and fog with minimum
dependency on the cloud. Qiao, et al. [99] presented a distributed trustworthy storage architecture and an
authentication protocol for intelligent transportation systems. The proposed approach calculated trust

21
value of nodes, stored dynamically data according to trustworthiness, amplified storage security,
improved resource scheduling, and secured network access.
Nawab [100] proposed an architecture in which the data are stored at the untrusted edge nodes, and
then digests of data were sent to the cloud for asynchronous certification by cloud nodes. This
asynchronous certification forced edge nodes to act trustworthy; otherwise, the mechanism detected and
punished the nodes. In addition, the architecture saved network bandwidth and cloud resources along with
reducing cost. Finally, Ouyang, et al. [101] proposed a trust-based task offloading scheme for IoT devices
that reliably offloaded tasks considering energy efficiency. The offloading scheme was cluster-based (the
tasks migrate within a cluster) that avoided large energy consumption and extreme data load. In addition,
the scheme included a trust evaluation mechanism that calculated the trust value of IoT devices, selected
trustworthy devices for task offloading, and excluded malicious devices.
5.2.2. A summary of FEC trust management architectures
Generally, this category tries to provide a universal and accurate architecture suitable for heterogeneous

of
FEC environments. However, some of them have ignored to consider scalability and availability. Table 7

ro
and Table 8 summarized comparison of reviewed architectures.
Table 7. Specifications of selected architectural approaches
Article Main idea Evaluation
technique
-p Tool Advantage Disadvantage
re
[89] Presenting self-configuring fog Real testbed MySql • Low migration • Low availability
architecture used moving target Sysdig overhead
defense and an intrusion detection • High applications
lP

system to provide trust and security in survival probability

IoT networks. • High security
[90] An architecture to provide end-to-end Real testbed Not • High security • Low mobility
trustworthiness of data in cloud/fog mentioned • High trustworthiness • Low scalability
na

Computing. • High performance • Low privacy

[91] Proposing decentralized trust Real testbed Ethereum • High trustworthiness • High cost
architecture for IoT environments ledger • High QoS • Low network
ur

using independent blockchain-based performance

services.
[92] A Lightweight trustworthy Simulation NetLogo • Mixed attack resistant • Centralized
Jo

architecture to evaluate the credibility • High security • Low reliability

of edge devices • High accuracy • Low scalability
• High efficient
• High speed
[93] A trust evaluation mechanism to Simulation Not • Edge node attack • Low privacy
specify the reliability of edge nodes mentioned resistant
and to select the optimal edge node for • High security
caching the contents • High user quality of
experience
[94] A storage model and a trust-oriented Simulation Not • High data robustness • Low scalability
data access strategy for edge storage mentioned • High security
for IoT • Low overhead
• Lightweight
computations
• High Adaptability
[95] A distributed access control approach Simulation iFogSim • High security • Low mobility
based on a security resource Java • High privacy
management model by cooperating platform • Low latency
between fog and IoT nodes

22
 Article Main idea Evaluation Tool Advantage Disadvantage
technique
[96] A trust model for wireless network Simulation MATLAB • High trustworthiness • Low security
security based on the edge computing • High energy
consumption
• High computational time
• High transmission
latency
[97] Formulating the trust computation as a Simulation iFogSim • High accuracy • Low scalability
statistical regression problem and • Low dependability • High cost
proposing a generic trust management • Attack resistant
system for fog-enabled cyber-physical • High credibility
systems • High security
[98] Distributed intelligent key Simulation MATLAB • Low network cost • Low privacy
management architecture for fog-IoT
environments
[99] Distributed trustworthy storage Simulation Not • High trustworthiness • Low scalability
architecture for intelligent mentioned • High efficiency
transportation systems • Low storage cost
• Low delay

of
[100] An architecture to store the data at Simulation Amazon • Low latency • Low scalability
untrusted edge nodes and certify them AWS • High throughput

ro
asynchronously by cloud nodes • Low bandwidth
• High trustworthiness
[101] A trust-based task offloading scheme Simulation Not • Low energy • Low scalability

-p
for IoT devices to reliably offload the mentioned • High accuracy
tasks considering energy efficiency • High trustworthiness
• High efficiency
re
• High reliability
lP

Table 8. A comparison of proposed FEC trust management architectures

na Trustworthiness

Performance
Credibility

Efficiency
Accuracy
Security

Latency
Privacy

Energy
Time

Cost

Article
ur
Jo

[89] * *
[90] * * *
[91] * *
[92] * * * *
[93] *
[94] * * *
[95] * * *
[96] *
[97] * * *
[98] *
[99] * * * *
[100] * * * *
[101] * * * *

5.3. FEC trust management frameworks/models

This category includes the papers that proposed a framework/model for trust management in the FEC
environment. A framework model includes architecture along with an algorithm. Generally, the authors
evaluated proposed frameworks/models through real testbed or simulation. The subsection 5.3.1
discusses, analyzes, and compares the FEC trust management frameworks/models. Then, the subsection
5.3.2 summarizes the information captured from reviewed papers and compares them.

23
5.3.1. A review on selected FEC trust management frameworks/models
This subsection reviews the articles relevant to FEC trust management frameworks/models including
[93], [102], [103], [104], [105], [106], [107], [108], [109], [110], [34], [111], [112], [113], [114], [115],
[116], [117], [118], [119], [120], [121], [122], [123], [124], [125], [126], [127], [128], [129], [130], [131],
[132], [133], [134], [135], [136], [137], [138], and [139].
Xu, et al. [93] suggested a fog-based hierarchical trust evaluation framework for the sensor-cloud
underlying structure that detected hidden data attacks, detected malicious nodes, recovered misjudgment
nodes, decreased network energy consumption, and guaranteed the edge nodes and network trust state.
However, the authors did not address trust-related issues such as heterogeneity, integrity, privacy, and
scalability. proposed a fog computing security framework using Role-Based Access Control (RBAC) and
a trust model. The framework calculated fog nodes' trust levels and managed to join mobile fog nodes.
The framework was flexible, dynamic, and detected and excluded untrusted nodes. However, the paper
did not consider the heterogeneity and scalability of the nodes. Rathee, et al. [103] proposed a secure

of
handoff mechanism that employed a trust manager between the IoT layer and the fog layer. In addition, it
evaluated trust value and ranked the IoT devices and fog nodes. The proposed mechanism prevented IoT

ro
device handoff attacks, detected and decreased malicious fog nodes, and improved accuracy,
performance, and system response time. However, the paper did not calculate the trust of services running

-p
on IoT and fog nodes based on dynamic and random parameters, and did not consider other types of
threats specific to fog environment.
re
Soleymani, et al. [104] proposed a fuzzy trust model to protect the vehicular network. The model
guaranteed validity of received data from authorized vehicles, evaluated the accuracy of event's location,
lP

detected malicious nodes, coped with the imprecision and uncertainty of information in the vehicular
network, and improved system performance in terms of accuracy and integrity. However, it ignored the
na

problem of feedback collusion or retaliation that decreases the trust systems' reliability. Rahman, et al.
[105] proposed a trust evaluation framework that a fog broker created fog sets and evaluated trust
considering cost, availability, QoS, and fog security. Using fuzzy logic, the framework filtered and
ur

selected the most trustworthy fog server that best fits user-defined criteria along with reducing the cost of
fog. However, it did not consider the cases that the user gave malicious feedback. Tajalizadeh and
Jo

Boostani [106] designed a trusted forwarding scheme that considered fog infrastructure nodes. The
scheme enhanced the delivery ratio, effectively reduced the latency and average hop count, and improved
routing quality. However, it ignored to consider the energy consumption, complex IoT applications, and
unequal trustworthy strength between nodes.
Bazm, et al. [107] used Linux containers secured by Intel's Software Guard Extensions (SGX)
technology and proposed a trust model for distributed computing on fog infrastructures to establish
trusted execution on untrusted fog computing infrastructures. Implementations showed that it was a
secure and flexible approach for distributed computing on fog infrastructures with a reasonable
performance overhead. However, the issues such as heterogeneity, integrity, privacy, and scalability were
ignored. Alemneh, et al. [108] used subjective logic and presented a distributed two-way trust
management system which the service providers checked the trustworthiness of service requesters and
vice versa. Simulations showed that the solution was accurate, resilient against trust-based attacks,
convergent, scalable, and efficient, considering QoS and social trust metrics. Using a trust feedback
system, Hussain and Huang [109] presented a multi-source trust evaluation model for fog-based IoT. The
designed model considered nodes' reputation, outsourced the malicious nodes, evaluated trust effectively
and trustworthy, and enhanced trust. However, this work did not consider issues such as energy
consumption, scalability, and heterogeneity of nodes. Wang, et al. [110] proposed a fine-grained trust

24
evaluation mechanism and designed a trustworthy environment based on edge computing. The
mechanism detected malicious server requesters and service providers, filtered out incorrect information,
selected reliable service providers, and ensured the security and QoS of cloud services. However, the
security, heterogeneity, needs of lightweight computations, and decentralization in edge computing
environment were ignored.
Al-khafajiy, et al. [34] proposed a fog computing trust assessing/management/recommendation
approach, using QoS and quality of protection history to evaluate fog nodes' trust level. The approach
reduced attacks, identified malicious fog nodes, decreased service response time, provided a secure and
trusted environment to share node's resources, promoted load balancing, and monitored fog's
performance. However, they did not discuss the energy consumption of fog nodes and the scalability of
the approach. Sharma, et al. [111] used edge-crowdsourcing and fission computing and proposed a
distributed entropy-based trust relaying and privacy preservation system in social IoT. This architecture
used fission managers to preserve privacy rules and used crowd-sourced mini-edge servers to define trust

of
between the entities. However, it was designed for the social IoT environment, limiting its applicability
and scalability in other scenarios.

ro
Wang, et al. [112] proposed an edge-computing-based model for trustworthy data collection in IoT.
The model merged multi-factor node trust evaluation and a method to generate the best mobile

-p
trustworthy path. In addition, it used a mobile edge data collector to visit the sensors and collect
trustworthy data. The proposed model provided higher trustworthiness and security of data, resisted
re
malicious attacks, reduced energy consumption, and extended network life cycle. Xu, et al. [113] used an
optimized blockchain smart contract and controlled caching transactions between mobile users and edge
lP

nodes. The authors provided a trust evaluation mechanism to find trustworthy caching services from
various edge nodes by mobile users. Simulations showed that it efficiently allocated caching resources for
mobile users, reduced delivery delay, and improved mobile users' experience quality. However, the
na

mechanism ignored energy consumption and scalability issues.

Wu, et al. [114] proposed a trust-aware task offloading framework that selected a resource provider for
ur

a user based on offloading policy, filtered out untrusted providers based on trust evaluation, reduced
latency and energy consumption, and ensured service trustworthiness at the same time. However, the
Jo

framework did not work on mobility management and task migration. Ogundoyin and Kamil [115], using
a fuzzy analytic process, proposed a generalized framework that identified trust criteria in fog computing,
provided a taxonomy and prioritized trust parameters. They showed that QoS and quality of security are
the most important parameters to evaluate the service provider's trust level. Forti, et al. [116] proposed a
methodology that simply defined security needs for IoT applications and security abilities of
infrastructure and automatically assessed deployed IoT applications' security levels.
Jararweh, et al. [117] designed a holistic framework that offered trustworthy, reliable, and sustainable
services at the network edge. This framework employed an intrusion detection system in edge servers and
utilized collaboration between edge servers and privacy mediation nodes. Liang, et al. [118] proposed a
fog-based trust computing architecture along with a lightweight trust computation algorithm. The
mechanism used different types of multi-source feedback and fog computing to calculate the trust value.
It effectively collected, transmitted, and calculated the trust data. Hussain, et al. [119] proposed a context-
aware multi-source trust evaluation system that evaluated user's trustworthiness based on nodes'
reputation in the fog-based IoT environment. Employing a context-aware feedback structure and a
monitoring mode made the model reliable, effective, and unbiased. Rahman, et al. [120] proposed a
framework that calculated the trust value of fog-based off-street vehicles, clustered vehicles according to
the trust value, and assigned tasks on the multiple vehicles in the same cluster; as a result, resource

25
utilization has improved, and trust requirements have been met.
Chuang, et al. [121] designed a trust-aware model that priced, traded, and protected IoT data in
economic systems. It used blockchain smart contracts to trade data automatically and reliably and
provided an evaluation model that enabled both demanders and suppliers to assess the trustworthiness of
each other. Deng, et al. [122] established a hierarchical trust evaluation framework based on reputation,
which provided security in the MEC network; edge servers managed the reputation data of edge nodes
and ensured edge nodes' reliability. Thereby, it efficiently detected misbehaviors and countered attacks.
Jiang, et al. [123] presented a trust-based data collection scheme in edge networks using the unmanned
aerial vehicle. They proposed an ant colony optimization-based algorithm that optimized the vehicle
pathway and thus extended the network lifetime. Additionally, they designed a trust evaluation algorithm
that evaluated the trust value of nodes.
Ogundoyin and Kamil [124] proposed a bi-directional trust management system based on fuzzy logic
that provided secure fog-to-fog cooperation and allowed a service provider and service requester to

of
evaluate each other's trust level. The simulation showed that the system was secure, accurate, reliable, and
efficient; however, the authors assumed the fog nodes were static and did not consider the mobility,

ro
scalability, and energy consumption of fog servers and smart devices. Lahiri, et al. [125] used IoT and
geographic location certificates and proposed a blockchain-based framework that validated the

-p
trustfulness of messages on the Internet of vehicles. Implementation showed scalability, low
computational time, robustness, and security of the framework; however, the authors did not optimize the
re
energy consumption of the framework. Simpson and Nagarajan [126] designed an edge-based framework
that established a trustworthy environment for smart cities, identified suspicious Sybil nodes among IoT
lP

devices, and successfully prevented Sybil attacks. Simulations showed that the framework reduced delay,
packet drop, the fraction of compromised nodes, and misdetection ratio and increased packet delivery
ratio, average throughput, and network resilience. However, the framework had not satisfactory
na

scalability and energy consumption. Hu, et al. [127] leveraged edge computing and legal changeability
property of blockchain and proposed an efficient and cost effective trust framework for organic
ur

agricultural supply chain. Evaluations showed the framework had high performance and low cost,
however it increased average response time.
Jo

Bhargava and Verma [128] proposed a trust model based on Dempster Shafer Theory to compute
trust value based on IoT-specific metrics. Using the model, edge servers computed edge devices trust
value, including node trust and data trust. The simulation showed that the model detected edge device and
channel misbehaviors, including modification and information drop. However, the model ignored to
consider uncertainty parameter in trust computation. El-Sayed, et al. [129] integrated multi-agent
modeling and edge computing and proposed a trust management framework for vehicular networks. The
framework leveraged the benefits of traveling vehicles and edge computing resources and dominated the
constraints of Peer-to-Peer and cloud computing networking. Additionally, it considered important
security issues such as performance, scalability, malicious node detection, accessibility, latency, privacy,
robustness, and uncertainty. Cui, et al. [130] designed a solution including an authentication framework
based on edge computing along with a compromised user device (UD) detection approach based on trust
evaluation and reinforcement learning. The solution consistently authenticated UDs through
heterogeneous networks while preserving privacy and avoiding compromised UDs to mount internal
attacks. The simulation showed the efficiency and security of the solution, however, it did not support
roaming scenarios and mutual trust evaluation in edge computing.
Lin, et al. [131] presented an edge-learning framework over wireless networks which employed social
trustworthy friends as learning participants. The framework found like-minded friends while it considered

26
a mutual trust. Simulations showed the high performance of the framework. Din, et al. [132] proposed a
lightweight method that computed direct and indirect trust values, established trust certificates, stored
trust degrees in a database, and allowed IoT nodes to communicate in a defined period without trust
computations. The method improved security and resiliency, reduced latency, and protected against
malicious activities in in industrial IoT (IIoT). However, it was centralized and had low scalability. Wang,
et al. [133] presented a trust evaluation model using storage capability and computing power of mobile
edge nodes that guaranteed IoT nodes reliability and provided protection against attacks. In the model,
mobile edge nodes visited intermediate nodes and their neighbors and collected sensor nodes trust
information. The model improved throughput, precision, security, reliability, scalability, and cost.
However, the model did not prevent malicious users from stealing shared information.
Zhang, et al. [134] combined blockchain and edge computing and proposed a system including three
features: a trust computing strategy that guaranteed edge devices reliability and enhanced efficiency of
data transmission, a method that ranked and sorted tasks to improve resource allocation in edge devices,

of
and a content model that predicted keywords context popularity. Simulations showed high reliability and
efficiency of the proposed system; however, the accuracy of trust computation was unsatisfactory. Zhang,

ro
et al. [135] presented an emergent semantic-based fog system, designed an impressive emergency content
propagation network that aggregated and analyzed emergency information, and proposed a trustworthy

-p
routing method that filtered out forgery content from malicious entities. To support stability and real-time
manner of edge devices executing tasks in the industrial Internet of energy, Bai, et al. [136] presented a
re
multi-edge framework that stored numerous edge data, thereby improving the efficiency of on-chain data,
and facilitated sharing cross-chain edge data in heterogeneous blockchain systems. In addition, they
lP

designed an optimal scheduling strategy that considered risk factors and preferences of edge users and
optimized users' resources.
Mazumdar, et al. [137] proposed a multilayer collaborative framework including IoT, fog, and cloud
na

that balanced a load of fog nodes through load sharing and guaranteed timely service necessary for time-
sensitive applications. In addition, the framework included fog nodes' authentication phase and a trust-
ur

based load-offloading feature to consider security issues. It improved latency, performance, and
efficiency; however, the authors did not consider the nodes' mobility. Al Muhtadi, et al. [138] considered
Jo

data loss, Denial of Service (DoS), and data breach and presented security architecture along with a
trusted technique for fog computing that established a secure fog environment. The subjective logic based
trust technique excluded malicious nodes from the network and improved trustworthiness. However, the
proposed architecture was still insecure against network attacks.
Finally, Singh, et al. [139] used collaboration filtering and Bayesian learning and proposed a robust
trust management model for fog nodes. The proposed model updated periodically to current calculated
trust values; thereby, it quickly reflected the behavior changes. In addition, it included a recommender
algorithm to select appropriate fog nodes considering the quality of protection and QoS. Simulations
showed the accuracy and high performance of the model; however, it did not handle a large number of
malicious edge nodes.
5.3.2. A summary of FEC trust management frameworks/models
Generally, this category aims to provide a complete framework/model applicable for heterogeneous FEC
environments. Since a framework/model includes both architecture and algorithm, it can provide a higher
level of trust in the FEC environment. Tables 9 and 10 summarize a comparison of the reviewed
frameworks/models.

27
 Table 9. Specifications of selected framework/model approaches
Article Main idea Evaluation Tool Advantage Disadvantage
technique
[93] A hierarchical trust mechanism Simulation MATLAB • High security • Low integrity
based on fog for the sensor-cloud • High accuracy • Low scalability
underlying structure. • Low energy
consumption
[102] A security framework using Real testbed SystemC • High trustworthiness • Low heterogeneity
RBAC and trust model that • High Flexibility and • Low scalability
dynamically manages to join • Low security
mobile fog nodes in a fog
computing system.
[103] Proposing a secure handoff Simulation NS2 • High security • Low adaptability
mechanism to evaluate the trust • High accuracy • Low heterogeneity
value of the IoT devices and fog • Low response time • Low integrity
nodes and detect the malicious • High performance • Low scalability
IoT and fog nodes.

of
[104] Proposing a fuzzy trust model to Simulation NS2 • High security • Low scalability
protect vehicular Ad hoc network SUMO • High performance • Low reliability
that guarantees the validity of the MOVE • High accuracy

ro
received data, using fog • High integrity
computing.
[105] Proposing a trust evaluation Simulation MATLAB • High trustworthiness • Low adaptability

-p
framework based on a fog broker • High resource
that evaluates trust of fog nodes, utilization
filters, and selects fog nodes • Low cost
re
using fuzzy logic.

• High efficiency • High energy

lP
[106] Design a fog computing-assisted Simulation Not
trustworthy forwarding scheme mentioned • Low latency • Low scalability
for mobile IoT. • Low average hop- • Low adaptability
count
na

• High routing quality

[107] Using trusted Linux containers Real testbed OpenSGX • High security • Low heterogeneity
and Intel’s software guard QEMU • High flexibility • Low integrity
extensions technology and • High performance • Low scalability
ur

proposing a model to establish a • Low overhead

trusted execution on untrusted fog
infrastructures.
Jo

[109] Use a multi-source trust Simulation Not • High trustworthiness • High energy
evaluation model for fog-based mentioned • High trust level • Low scalability
IoT to outsource the malicious
nodes.
[108] Proposing a distributed trust Real testbed Java • High accuracy • Low scalability
management system by which the platform • High convergent
service providers could check the • Low overhead
trustworthiness of service • High load balancing
requesters and vice versa. • High security
• High trustworthiness
[110] Proposing a fine-grained trust Simulation MATLAB • High cloud security • Low fog security
evaluation mechanism and • High performance
designing a trustworthy • High accuracy
environment based on edge • Low overhead
computing
[34] Proposing a fog computing trust Simulation MATLAB • Low response time • High energy
assessing/management/recommen • High performance • Low scalability
dation approach, using QoS and • High security
quality of protection history to • High load balancing
evaluate the trust level of fog
nodes.
[111] Using edge-crowdsourcing and Simulations Not • High trustworthiness • Low scalability
fission computing, proposing a mentioned • High performance
distributed entropy-based trust • Low integration cost
relaying and privacy preservation • High privacy
system in social IoT

28
Article Main idea Evaluation Tool Advantage Disadvantage
technique
[112] Proposing a model for Simulation MATLAB • High trustworthiness • Low scalability
trustworthy data collection in IoT • High security
based on multi-factor node trust • Low energy
evaluation and generating the best consumption
mobile trustworthy path • High network lifecycle

[113] Proposing a blockchain-based Simulations Not • Low cost • High energy

trust evaluation mechanism to mentioned • High efficiency • Low scalability
find trustworthy caching services • High trustworthiness
from various edge nodes by • Low delivery delay
mobile users

[114] Proposing a trust-aware task Simulations EdgeCloud • High trustworthiness • Low mobility
offloading framework to select a Sim • High accuracy
resource provider for a user based • Low task failure rate
on offloading policy and to filter LIBSVM • Low latency
out untrusted providers tool • Low energy
consumption

of
[115] Proposing a framework to Real testbed Not • Low latency • High cost
identify and prioritize trust mentioned • Low transmission • Low scalability
parameters

ro
delay
• Low packet loss ratio
• High reliability
• High confidentiality

-p • High integrity
• High availability
re
[116] A methodology to define FEC Prototype ProbLog • High efficiency • Low scalability
security requirements and assess
the security level
lP

[117] A trustworthy service delivery Simulation CloudExp • High service quality • Low security
approach for smart city • High reliability • Low scalability
• High availability
• High privacy
na

• Low delay
[118] A trust computing architecture Simulation NetLogo • Low computation time • Low reliability
along with a lightweight • Low Communication
ur

computation algorithm delay

• Low transmission cost
• High QoS
Jo

[119] Reputation and trust model for Simulation Not- • High reliability • Low integrity
fog-based IoT environment mentioned • High efficiency • Low scalability
[120] Trust-based task mapping Simulation iFogSim • High resource • Low mobilability
framework using fog-based off- utilization • Low scalability
street vehicles • Low latency
• High trustworthiness
[121] Trust-aware model to price, trade, Simulation Ethereum • High performance • Low privacy
and protect IoT data in economic • Low storage • Low scalability
systems • High reliability

[122] A hierarchical reputation-based Simulation OMNET++ • High trustworthiness • Low security

trust evaluation system for MEC • High efficiency • Low robustness
networks
[123] A trust-based data collection Simulation Python • High performance • Low privacy
scheme using unmanned aerial • Low energy • Low security
vehicles consumption • Low accuracy
• High network lifetime • Low reliability
[124] A trust management system based Simulation MATLAB • High security • Low mobility
on fuzzy logic that allows service NS3 • High accuracy • High energy
provider and service requester to Ubuntu • High reliability • Low scalability
evaluate each other’s trust level. • High efficiency
[125] A blockchain-based framework to Prototype Go- • High scalability • High energy
validate trustfulness of message ethereum • High robustness
in Internet of vehicles Node.js • High security
• Low computation time

29
Article Main idea Evaluation Tool Advantage Disadvantage
technique
[126] An edge-based framework to Simulation NS2.35 • High trustworthiness • Low scalability
establish a trustworthy • Low delay • High energy
environment for smart cities that • Low packet drop
prevents Sybil attacks • High security
• High accuracy
• High packet delivery
ratio
• High throughput
• High network
resilience
[127] An efficient and cost-effective Not Not • High performance • High average
trust framework for organic mentioned mentioned • Low cost response time
agricultural supply chain
[128] A trust model based on Dempster Simulation MATLAB • Low overhead • Low scalability
Shafer Theory to compute trust • High trustworthiness
value based on IoT specific
metrics
[129] A trust management framework Simulation OMNET++ • Low overhead • High energy

of
for vehicular networks SUMO • Low delay and latency
Venis • High accuracy

ro
• High delivery ratio
• High performance
• High scalability

-p
• High privacy
• High security
• High robustness
re
[130] A solution to authenticate UDs, Simulation OPENSSL • High efficiency • Low generality
and avoid compromised UDs to • High security
mount internal attacks • High accuracy
lP

• Low latency and delay

[131] A framework over wireless Simulation Not • High performance • Low scalability
networks to employ social mentioned • High accuracy
na

trustworthy friends as learning

participants
[132] A lightweight method to protect Simulation Contiki • High trustworthy • Centralized
against malicious activities in Cooja • High reliability • Low scalability
ur

industrial IoT (IIoT) • Low energy

• Low computation
• High accuracy
Jo

• Low latency
[133] A trust evaluation model using Simulation MATLAB • High reliability • Low privacy
mobile edge nodes to provides • High throughput • Shared information
protection against attacks in IoT • High accuracy vulnerability
• High Security
• High scalability
• Low cost
[134] A system that guarantees edge Simulation Not • High efficiency • Low accuracy
devices reliability enhances the mentioned • High reliability
efficiency of data transmission
and improves resource allocation
in the edge device
[135] A trustworthy routing method to Simulation EdgeCloud • High performance • Low scalability
filter out forgery content from Sim • Low Computational • Low generality
malicious entities cost
[136] Trustworthy scheduling and data Simulation MATLAB • High efficiency • High energy
sharing in the industrial Internet • Low communication • Low scalability
of energy overhead
• Low computation cost
• High reliability
• High interoperability
• High stability
[137] A multilayer framework that Simulation Python • Low latency • Low mobility
balances the load of fog nodes • High performance
and considers security issues • High efficiency

30
 Article Main idea Evaluation Tool Advantage Disadvantage
technique
• Low communication
overhead
• High scalability
[138] A security architecture along with Simulation iFogSim • High efficiency • Low security
a trusted technique that • High trustworthiness
establishes a secure fog • High scalability
environment
[139] A robust trust management model Simulation Not • High trustworthiness • Low scalability
for fog nodes using collaboration mentioned • High accuracy
filtering and Bayesian learning • High performance

Table 10. A comparison of the proposed FEC trust management framework/model

Computation
Performance
Trustworthiness

(Efficiency)

Availability
Reliability
utilization

balancing

Response
Accuracy

Resource

Network
Integrity
Security

lifetime
Privacy

Energy
Delay
Load

time

cost
Article

of
[93] * * *

ro
[102] * *
[103] * * * *
[104]
[105] *
* * *
*
-p *
*
re
[106] * *
[107] * * * *
lP

[108] * * * * * *
[109] *
na

[110] * * * *
[34] * * * *
[111] * * * *
ur

[112] * * * * *
[113] * * * *
Jo

[114] * * * *
[115] * * * * *
[116] *
[117] * * * *
[118] * * *
[119] * *
[120] * * *
[121] * *
[122] * *
[123] * * *
[124] * * * * * *
[125] * * * *
[126] * * * * * *
[127] *
[128] * *
[129] * * * * * * *
[130] * * * * *

31
 Computation
Performance
Trustworthiness

(Efficiency)

Availability
Reliability
utilization

balancing

Response
Accuracy

Resource

Network
Integrity
Security

lifetime
Privacy

Energy
Delay
Load

time

cost
Article

[131] * *
[132] * * * * * * *
[133] * * * * *
[134] * *
[135] * *
[136] * * * * * *
[137] * * * * *
[138] * *
[139] * * *

of
6. Analysis of results

ro
Based on the review protocol introduced in Section 4, we analyze the results of reviewed papers and then
answer the research questions defined in Section 4.1 are responded.

6.1. An overview of the primary studies

-p
re
The following complimentary research question is considered to analyze the state-of-the-art research on
FEC trust management.
lP

• What are the fora that publish the research results on FEC trust management?
To answer this question, we extract authors’ affiliations, as shown in Table 11, research groups in a
na

particular university or institute that have published at least two studies called active research groups. As
seen, researchers from the following institutes have published a substantial number of research papers on
ur

FEC trust management: China Huaqiao University in China, Central South University in China, Shanghai
Jiao Tong University in China, Beijing University of Posts & Telecommunications in China, Macquarie
Jo

University in Australia, Fordham University in the USA, Liverpool John Moores University in the UK,
and other communities.
Table 11. Active research groups and their research focuses
University/Institute Studies
Huaqiao University, China [44], [73], [74], [80],
[101], [93], [110],
[112], [123], [133]
Central South University, China [44], [73], [93], [110],
[112] [122], [123]
Shanghai Jiao Tong University, China [74], [83], [86], [99],
[131], [135]
Beijing University of Posts & Telecommunications, China [78], [79],[92], [106],
[130],
Macquarie University, Australia [80], [81], [98], [131],
[133]
King Saud University, KSA [104], [119], [132],
[133], [138]
Fordham University, USA [73], [93], [112]
Liverpool John Moores University, UK [105], [34], [120]
Zhejiang Gongshang University, China [80], [93], [110]
Nanjing University of Aeronautics and Astronautics, China [109], [114], [119]
Universiti Teknologi Brunei, Brunei [77], [105], [120]
Nanjing University of Information Science and Technology, China [81], [73], [134]
Research Focus
Algorithm - Architecture -
Framework/model
Algorithm - Framework/model
Algorithm – Architecture-
Framework/model
Algorithm - Architecture -
Framework/model
Algorithm –Architecture-
Framework/model
Framework/model
Algorithm - Framework/model
Framework/model
Algorithm - Framework/model
Framework/model
Algorithm - Framework/model
Algorithm - Framework/model

32
 University/Institute Studies Research Focus
Dalian University of Technology, China [83], [86], [87] Algorithm
Guangzhou University, China [44], [93], [133] Algorithm - Framework/model
University of Macau, China [44], [93] Algorithm - Framework/model
Tianjin University, China [73], [94] Algorithm- Architecture
Vellore Institute of Technology, India [73], [112] Algorithm - Framework/model
Shanghai University, China [93], [113] Architecture- Framework
Xiamen University of Technology, China [110], [112] Framework/model
Qufu Normal University, China [81], [73] Algorithm
Collaborative Innovation Center of Novel Software Technology and [109], [114] Framework/model
Industrialization, China

6.2. Objectives of research, evaluation parameters, and techniques

According to statistical analysis of the selected papers, we answer the research questions defined in
Section 4.1
➢ RQ2: What are the research categories of proposed FEC trust management approaches? Besides, what

of
are the achievements in this field?
To answer this question quantitatively, the framework/model category covers the majority of FEC trust

ro
management approaches, with 40 research papers of 74 papers or 54%. The next category by 28% of all
research papers is the algorithm category. Finally, the last category by 18% of all papers is the
architecture category, as shown in Fig. 6.
-p
re
FEC trust management approaches
lP

Architecture
18%
na
ur

Framework/model
Jo

54%
Algorithm
28%

Fig. 6. The percentage of the FEC trust management approaches.

On the other hand, to answer qualitatively, Table 12 summarizes the benefits and defects of each
category. Considering the obtained information from Tables 5, 7, and 9, we introduced these three
approaches' major weaknesses and strengths in Table 12. Accordingly, in FEC trust management
algorithms, factors such as performance, trustworthiness, and accuracy were enhanced; however,
reliability, scalability, and compatibility were ignored. In FEC trust management architectures, security,
trustworthiness, computational cost, and performance were improved; however, they suffered from
inadequate reliability and scalability. Additionally, they suffered from considering a limited number of
factors, and the proposed FEC trust management architectures have not been evaluated with various
evaluation factors. FEC trust management frameworks/models made efforts to increase performance,
trustworthiness, and security, but they ignored to focus on response time, network lifetime, and integrity.

33
 Table 12. Benefits and defects of each category of approaches
Framework/model Algorithm Architecture
● Better performance ● Better performance ● Better security
● Better trustworthiness ● Better accuracy ● Better trustworthiness
Merits
● Better security ● Better trustworthiness ● Better performance
● Better computational cost
● Unsatisfied response time ● Unsatisfied reliability ● Unsatisfied reliability
● Unsatisfied network lifetime ● Unsatisfied scalability ● Unsatisfied scalability
Demerits ● Unsatisfied integrity ● Unsatisfied compatibility

➢ RQ3: What are the current approaches, techniques, and tools to provide trust management in the FEC?
All of the proposed trust management approaches have used arbitrary techniques, factors, and tools to
evaluate the approach, so we study FEC trust management approaches from these aspects to reach the
answer.
• Evaluation techniques

of
As summarized in Tables 5, 7, and 9, simulation, real testbed, and prototyping were used more than the

ro
other techniques. As shown in Fig. 7, simulation (86%), real testbed (11%), and prototyping (3%) were
used. Simulation is the most used technique. Since a real fog environment has not been provided to

-p
researchers, most of them used simulation to evaluate their approach.
re
Evaluation techniques
Prototype
lP

Real testbed 3%
11%
na
ur
Jo

Simulation
86%

Fig. 7. The percentage of evaluation techniques in the studied papers.

• Evaluation factors
Based on Tables 6, 8, and 10, performance (17%), security (12%), and trustworthiness (12%) are the main
evaluation factors, respectively, as shown in Fig. 8. Additionally, as depicted in Fig. 9, FEC trust
management algorithms used performance (16%), trustworthiness (10%), and accuracy (10%) more than
the other evaluation factors. Trust management architectures used security (20%), trustworthiness (17%),
and performance (11%) more than the other evaluation factors. Finally, the framework/model category
used performance (19%), trustworthiness (12%), and security (12%) more than the other evaluation
factors. The mentioned percentages are obtained from (1):
Frequency_P(i)
Percentage P(i) = number of P × 100 (1)
∑j=1 Frequency_P(j)

34
 Evaluation Factors
30.00% 26.00%
25.00%
20.00% 17.00%
15.00% 12.00% 12.00%
10.00%
10.00% 8.00% 8.00% 7.00% 6.00%
5.00%
0.00%

of
Fig. 8. The percentage of evaluation factors in all investigations.

ro
30%
Evaluation Factors

-p
re
26%
25%
20% 20%
lP
19%
20% 16% 17%
18%

15% 11%
12% 12%
10% 11% 10% 10%
9% 9%
na

10% 8% 8% 8% 8%
7% 7%
6% 6% 6%
5%
5%
0%
0%
ur
Jo

Algorithm Architecture Framework/model

Fig. 9. Evaluation factors percentage over different categories..

• Evaluation tools
Using simulation and modeling tools is necessary for the system design phase and helps to detect and
remove errors and construct an efficient system. According to Tables 5, 7, and 9, MATLAB, NetLogo,
NS2, iFogSim, Ethereum, and OMNET++ have the most use in the selected articles, as shown in Fig. 10.
Additionally, the authors used the MATLAB tool more than the other tools.

35
 40% 37%
35%
30% 27%
25%
20%
15%
10% 6%
5% 5% 5% 4% 4%
5% 2% 1% 1% 1% 2%
0%

of
Fig. 10. The percentage of trending evaluation tools in the selected articles.

ro
7. Future trends and open issues

-p
Nowadays, there are still important issues that researchers should consider to improve FEC trust
management approaches; however, they have not paid much attention to these issues. This section
re
discusses the open issues of FEC trust management to answer RQ4,
➢ RQ4: What are the FEC trust management's future challenges and open issues?
lP

Analyzing collected data from reviewed papers shows that the following open issues and future directions
exist in the field of FEC trust management, as shown in Fig. 11.
na

Resource
Multi- management
ur

objective Scalability
optimization
Trust
Jo

Mobility
computation

Real fog
SDN/NFV
environment

Power
Blockchain
management

Future trends
and open issues
in FEC trust
management
Privacy Heterogeneity

Fig. 11. An overview of future trends and open issues

36
• Privacy-preserving approaches
Privacy plays a significant role in data access, data storage, humans’ privacy, and business data
confidentiality in FEC trust management approaches and enhances public sureness. Privacy is defined as
“denying unauthorized access to credentials and confidential information of FEC clients and servers”.
The FEC nodes process sensitive private data of the user, and increasing end-user devices connected to
the FEC network makes the huge volume of transferred and processed data more vulnerable. Since the
authentication and data anonymity technologies are in progress yet, privacy-preserving trust approaches
are still in elementary stages. Additionally, heterogeneity of the FEC network increases the complexity of
the issue. However, few studies have investigated privacy-preserving trust management approaches, and
privacy remains a very challenging open issue [140].
• Power management
Since the user devices may have resource constraints in terms of processor, memory, and battery power,

of
trust values computing and publishing become a challenging issue for the devices. Additionally, the FEC
nodes should compute and publish trust values as same as user devices. Increasing user devices connected

ro
to the FEC network leads to an increase in energy consumption in the FEC network to compute and
publish trust values, which causes an increase in carbon production and operational cost and a decrease in

-p
network life. To reduce energy consumption, trust mechanisms should be lightweight and low energy
consuming [123]. Since few trust management approaches have considered power consumption,
re
designing power-saving trust management schemes remains a challenging issue.
• SDN/NFV
lP

Due to limitations of user devices, providing and managing the trust for FEC infrastructure comprising
numerous heterogeneous connected devices is very difficult. A software-defined network (SDN)
na

improves the management of user devices through its inherent monitoring, global control, visibility, and
programmability. Additionally, the SDN efficiently provides fine-grained trust monitoring, provides
security, facilitates dynamically trust policy definition and enforcement, and protects against various
ur

attacks in the FEC environment. On the other hand, SDN and network function virtualization (NFV) are
quite complementary. A mixture of them is suitable for the FEC and provides flexibility and speed to
Jo

construct, manage, and deploy new trust management approaches [141]. However, the NFV and SDN are
still in progress and development, need new standards and innovations, and could be an interesting
research trend.
• Mobility
In heterogeneous and dynamic networks such as FEC, device location is an important factor for trust
computation, and devices with known locations are more trustworthy than devices with unknown
locations. The mobility of user devices is an essential property of FEC and leads to many trust and
security issues. Additionally, the FEC environment is naturally dynamic, and FEC nodes join and leave
the network repeatedly. Hence, cloud trust and authentication approaches are not directly applicable to the
FEC environment. Mobility in FEC trust management approaches is the ability to provide trust while the
user devices are moving and connecting to the gateway anywhere and anytime. Mobility, combined with
reliability, makes the approach fault-tolerant, reduces packet loss, enables access to user devices
independent of locations, and improves QoS [142, 143]. Hence, mobility in FEC trust management is an
interesting research challenge.

37
• Multi-objective optimization
As observed from the reviewed studies, each approach considers some factors while ignoring the others;
for example, it considers reliability and security and ignores delay and cost. Thereby, designing a solution
that considers different factors and makes a tradeoff among them is an open issue.
• Scalability
Another important issue in the FEC system is scalability, that is, the ability of an approach to continue
working and satisfy the changing needs while the numbers of devices, number of users, or geographical
scope are changed. A scalable approach can adapt itself with a larger scale, whereas most of the current
proposed FEC trust management approaches could operate on a small scale, predefined, static, or
unchanging system. Therefore, supporting scalability remains a challenging discussion.
• Trust computation issues
Trust composition: Selecting and compositing trust metrics and generating precise

of
o
recommendations based on the metrics play a significant role in FEC trust management systems.

ro
Due to the diversity of FEC nodes, heterogeneity of connected user devices, and variety in
transferred and processed data, the composition of trust metrics could be completely different in

-p
FEC trust management systems. Therefore, selecting proper trust metrics need more investigation
to improve trust computation resiliency and accuracy [144].
re
o Trust propagation: Since the FEC environment is dynamic and FEC nodes frequently join and
leave the network, the distributed model is suitable and widely used to propagate trust. However,
lP

the search problem and data filtering become a challenge to propagate decentralized trust data.
Therefore, recently some researchers suggested using centralized trust propagation schemes
leveraging a cloud-based trust management system. However, the big challenge of this paradigm
na

is designing the infrastructure that enables the propagation of trust information between a cloud
server and FEC nodes [145].
ur

o Trust aggregation: Some trust aggregation approaches that could be used are Bayesian inference,
weighted sum, dynamically weighted, and fuzzy logic. However, neither analysis nor
Jo

comparative study has been done to analyze and evaluate trust aggregation algorithms in the FEC
environment. Because the aggregation process of trust evidence includes collecting direct trust
(self-observations) and indirect trust (neighbors recommendations), it deals with several
challenges such as categorizations and imbalance problems [146].
o Trust update: Generally, two methods exist to update trust value, including event-driven and
time-driven. In an event-driven method, the trust value is updated when each transaction or
service is completed. It is appropriate for centralized trust management approaches such as cloud-
based models. In a time-driven approach, the trust value is updated periodically to satisfy system
limitations such as energy consumption, network bandwidth, and computation power. It is
suitable for decentralized trust propagation models that a tradeoff between accuracy and energy
consumption is required. In the former, the time between two consecutive instances of a
transaction, and in the latter, the trust update interval could directly affect the trust score of nodes.
Since the malicious nodes could perform a large number of services before trust update, this
factor should be investigated more in the future [147].
o Trust formation: The big challenging issue of trust formation is integrating several trust metrics.
Therefore, another research direction is investigating trust formation approaches. Some potential
approaches to be investigated in the future include dynamic weighted sum, defining a minimum

38
 threshold for each trust metric without mixing multiple metrics into one, and using one trust
metric as the base one, which is scaled by other trust metrics [148]. If it is possible to adjust
dynamically the trust metrics’ weights, a dynamic weighted sum approach could improve system
performance.
• Lack of real fog environment
Implementing the proposed FEC trust management approaches in a real testbed is the best way to evaluate
them and ensure if they could offer sufficient trustworthiness, whereas only 11% of them have been
experienced in such an environment, and the others have been simulated. Therefore, providing a real
testbed is an open issue.
• Blockchain
Blockchain is one of the technologies that could be leveraged in FEC. The ability to protect against
unauthorized insert, change, and delete the blocks’ information, makes it appropriate distributed

of
technology to provide trust and security in FEC [83, 91]. Blockchain technology could improve FEC
environment trustworthiness since it allows only trusted nodes to communicate with each other. Some

ro
interesting open research issues are designing a blockchain-based trust model for the FEC environment
and developing distributed security frameworks using hybrid SDN blockchain [149, 150] to provide

-p
continuous monitoring without a single point failure. Additionally, developing authentication schemes for
FEC devices, presenting trusted data management models to support privacy and authorization [151-153],
re
combining artificial intelligence and blockchain to improve FEC security [154, 155], and developing
robust and lightweight optimization algorithms for the blockchain ecosystem are the other future research
lP

trends. The use of blockchain in the FEC trust management has not been investigated completely and
remains an open issue.
na

• Heterogeneity
Heterogeneity has a significant role in trust computation in the FEC environment. The current trust and
ur

security approaches have not been designed for billions of heterogeneous interconnected devices. The
current approaches sometimes have high overhead and heavy computations, whereas the FEC system
Jo

includes heterogeneous devices with different energy levels, computation and storage power,
communication protocols, network topologies, and information structures [156]; therefore, it could affect
the trust management process. The FEC trust management techniques should consider the heterogeneity
of real-world scenarios, and current trust approaches are not fully applicable to FEC. Since few
researchers have considered heterogeneity, it needs more attention in the future.

8. Vulnerabilities to validity and limitations

The following factors may threaten the validity of the current SLR:
• Vulnerabilities to primary papers identification: During conducting this SLR, the main objective was
to honestly retrieve comprehensive related papers and avoid biases. To aim this, well-known databases
including ScienceDirect, IEEE, ACM, Springer, Wiley, and GoogleScholar were searched using
common terms combined in the search strings. In addition, we proposed a review protocol to improve
the accuracy of the papers selection process and remove any bias.
• Vulnerabilities to the consistency of selecting and extracting data: The SLRs have a quality evaluation
method that tries to produce correct results, omit systematic errors in study conduction, and observe
the usable results outside the study context. We used two quality evaluation methods in the current
study. The former aimed to evaluate the quality of papers according to their capability and suitability

39
 for answering to RQs, and the latter was used to answer one of our basic RQs. In the SLRs, the quality
evaluation process tries to determine the effect of primary papers’ quality on the conclusion. The low-
quality primary papers lead to unreliable and weak conclusions.
• Vulnerabilities to data synthesizing and results: The unreliability is another vulnerability of SLRs.
This threat is reduced by cooperating several researchers, applying an integrated characterization
design, and providing multiple phases in which the design and process are examined and evaluated.
Though we tried to follow the guidelines introduced by [16] to conduct our systematic review, we
have deviated from their process, as detailed in Section 4.
We claim that the quality of the current SLR is high since a systematic review procedure, multiple
researchers, and external evaluations were applied. This review tried to provide a systematic and holistic
review. However, we should note some constraints of this review as follows:
• This research includes high-quality conference papers and journal articles; however, non-English

of
scripts, book chapters, books, symposiums, short articles, and commentaries have not been included.
• Despite applied databases (ScienceDirect, IEEE, ACM, Springer, Wiley, and GoogleScholar) have

ro
proved to provide the most authentic and reliable articles, the authors claim that some articles relevant
to FEC trust management may have been dropped or failed to be retrieved.

-p
• The studied papers were classified into three categories: algorithm, architecture, and framework/model
re
approaches, although other categorizations could be done.
lP

9. Conclusion
This paper conducted an SLR on the FEC trust management approaches. First, 1296 articles published
between 2015 and July 2021 were selected. Then, according to defined exclusion/inclusion criteria, 74
na

articles out of 1296 articles were selected. Finally, the articles were analyzed, appropriate data were
exploited, and categorized into three categories: algorithm, architecture, and framework/model solutions.
ur

Based on our categorization, the framework/model category has the most frequency with 54% of
frequency, whereas the algorithm category by 28% and the architecture category by 18% come next.
Jo

Additionally, the main idea, advantages, and disadvantages of each paper were discussed. We explored
evaluation types, evaluation factors, and tool support employed in the reviewed papers. Based on the
statistics, most papers tried to enhance the performance by 17%, security by 12%, and trustworthiness by
12%. Moreover, analyzing the evaluation techniques showed that 86% of the studied papers used
simulation tools, and 11% used real testbeds to evaluate FEC trust management approaches. Additionally,
MATLAB had 27% of used evaluation tools, and it is a trend. Eventually, to develop efficient FEC trust
management approaches, open challenges, and future directions such as mobility, SDN/NFV, power
management, privacy, resource management, multi-objective optimization, trust computation, blockchain,
scalability, real fog environment, and heterogeneity were described in detail. We certainly wish that the
study results would help other researchers to propose FEC trust management approaches efficiently as
their future works.

References

[1] M. Chiang and T. Zhang, "Fog and IoT: An Overview of Research Opportunities," IEEE Internet
of Things Journal, vol. 3, no. 6, pp. 854-864, 2016.
[2] P. Zhang, M. Zhou, and G. Fortino, "Security and trust issues in Fog computing: A survey,"
Future Generation Computer Systems, vol. 88, pp. 16-27, 2018/11/01/ 2018.

40
[3] A. Yousefpour et al., "All one needs to know about fog computing and related edge computing
paradigms: A complete survey," Journal of Systems Architecture, vol. 98, pp. 289-330,
2019/09/01/ 2019.
[4] C. Chang, S. N. Srirama, and R. Buyya, "Internet of things (IoT) and new computing paradigms,"
Fog and edge computing: principles and paradigms, vol. 6, pp. 1-23, 2019.
[5] G. Fortino, L. Fotia, F. Messina, D. Rosaci, and G. M. L. Sarné, "Trust and Reputation in the
Internet of Things: State-of-the-Art and Research Challenges," IEEE Access, vol. 8, pp. 60117-
60125, 2020.
[6] N. Alimorad, M. Maadani, and M. Mahdavi, "REO: A Reliable and Energy Efficient
Optimization Algorithm for Beacon-enabled 802.15.4–based Wireless Body Area Networks,"
IEEE Sensors Journal, pp. 1-8, 2021.
[7] M. Maadani, "Reanalyzing a simplified Markov model for the low-density P2P wireless sensor
and actuator networks," Telecommunication Systems, vol. 70, no. 2, pp. 159-169, 2019.
[8] M. Jangjou and M. K. Sohrabi, "A Comprehensive Survey on Security Challenges in Different
Network Layers in Cloud Computing," Archives of Computational Methods in Engineering,

of
2022/01/24 2022.
[9] M. K. Sohrabi, V. Ghods, and N. Mohammadian, "Privacy of cloud data using a secure SSO

ro
architecture," in 2017 Computing Conference, 2017, pp. 224-229.
[10] R. Roman, J. Lopez, and M. Mambo, "Mobile edge computing, Fog et al.: A survey and analysis

-p
of security threats and challenges," Future Generation Computer Systems, vol. 78, pp. 680-698,
2018/01/01/ 2018.
re
[11] S. Nasrollahzadeh, M. Maadani, and M. A. Pourmina, "Optimal Motion Sensor Placement in
Smart Homes and Intelligent Environments using a Hybrid WOA-PSO Algorithm," Journal of
Reliable Intelligent Environments, pp. 1-20, 2021.
lP

[12] OpenFog_Consortium_Architecture_Working_Group, "OpenFog reference architecture for fog

computing," Technical Report, 2017.
na

[13] M. Rahimi, M. Songhorabadi, and M. H. Kashani, "Fog-based smart homes: A systematic

review," Journal of Network and Computer Applications, vol. 153, p. 102531, 2020/03/01/ 2020.
[14] A. Najafizadeh and M. H. Kashani, "A Novel intelligent mechanism for energy efficiency in
ur

hierarchical WSNs," Int J of Adv Eng Sci and Tech, vol. 10, no. 1, pp. 139-144, 2011.
[15] M. Petticrew and H. Roberts, Systematic Reviews in the Social Sciences: A Practical Guide.
Jo

Wiley, 2008.
[16] P. Brereton, B. A. Kitchenham, D. Budgen, M. Turner, and M. Khalil, "Lessons from applying
the systematic literature review process within the software engineering domain," Journal of
systems and software, vol. 80, no. 4, pp. 571-583, 2007.
[17] R. Sarvizadeh, M. H. Kashani, F. S. Zakeri, and S. M. Jameii, "A novel bee colony approach to
distributed systems scheduling," International Journal of Computer Applications, vol. 42, no. 10,
pp. 1-6, 2012.
[18] B. K. a. S. Charters, "Guideline for Performing Systematic Literature Reviews in Software
engineering," Keele University and University of Durham, 2007.
[19] K. Bilal, O. Khalid, A. Erbad, and S. U. Khan, "Potentials, trends, and prospects in edge
technologies: Fog, cloudlet, mobile edge, and micro data centers," Computer Networks, vol. 130,
pp. 94-120, 2018/01/15/ 2018.
[20] F. Giust et al., "MEC deployments in 4G and evolution towards 5G," ETSI White paper, vol. 24,
no. 2018, pp. 1-24, 2018.
[21] K. Dolui and S. K. Datta, "Comparison of edge computing implementations: Fog computing,
cloudlet and mobile edge computing," in 2017 Global Internet of Things Summit (GIoTS), 2017,
pp. 1-6.
[22] M. Satyanarayanan, P. Bahl, R. Caceres, and N. Davies, "The Case for VM-Based Cloudlets in
Mobile Computing," IEEE Pervasive Computing, vol. 8, no. 4, pp. 14-23, 2009.

41
[23] V. Bahl, "Emergence of micro datacenter (cloudlets/edges) for mobile computing," Microsoft
Devices & Networking Summit, vol. 2015, p. 2.1, 2015.
[24] S. Ketu and P. K. Mishra, "Cloud, Fog and Mist Computing in IoT: An Indication of Emerging
Opportunities," IETE Technical Review, pp. 1-12, 2021.
[25] E. M. Dogo, A. F. Salami, C. O. Aigbavboa, and T. Nkonyana, "Taking cloud computing to the
extreme edge: A review of mist computing for smart cities and industry 4.0 in Africa," Edge
computing, pp. 107-132, 2019.
[26] OpenEdge_Consortium, "About - the who, what, and how," Technical Report, OpenEdge
Computing.
[27] M. H. Kashani, H. Zarrabi, and G. Javadzadeh, "A new metaheuristic approach to task
assignment problem in distributed systems," in 2017 IEEE 4th International Conference on
Knowledge-Based Engineering and Innovation (KBEI), Tehran, Iran, 2017, pp. 0673-0677.
[28] R. Xu, W. Jin, and D. H. Kim, "Knowledge-based edge computing framework based on CoAP
and HTTP for enabling heterogeneous connectivity," Personal and Ubiquitous Computing,
2020/11/25 2020.

of
[29] S. N. Sajedi, M. Maadani, and M. Nesari Moghadam, "F-LEACH: A Fuzzy-Based Data
Aggregation Scheme for Healthcare IoT Systems," The Journal of Supercomputing, pp. 1-18,

ro
June 2021.
[30] M. Norouzi Shad, M. Maadani, and M. Nesari Moghadam, "GAPSO-SVM: An IDSS-based

-p
Energy-Aware Clustering Routing Algorithm for IoT Perception Layer," Wireless Personal
Communications, pp. 1-19, 2021.
re
[31] W. Shi, J. Cao, Q. Zhang, Y. Li, and L. Xu, "Edge Computing: Vision and Challenges," IEEE
Internet of Things Journal, vol. 3, no. 5, pp. 637-646, 2016.
[32] S. Sicari, A. Rizzardi, L. A. Grieco, and A. Coen-Porisini, "Security, privacy and trust in Internet
lP

of Things: The road ahead," Computer Networks, vol. 76, pp. 146-164, 2015/01/15/ 2015.
[33] M. Chiregi and N. J. Navimipour, "Trusted services identification in the cloud environment using
na

the topological metrics," Karbala International Journal of Modern Science, vol. 2, no. 3, pp. 203-
210, 2016/09/01/ 2016.
[34] M. Al-khafajiy et al., "COMITMENT: A Fog Computing Trust Management Approach," Journal
ur

of Parallel and Distributed Computing, vol. 137, pp. 1-16, 2020/03/01/ 2020.
[35] P. S. Challagidad and M. N. Birje, "Multi-dimensional dynamic trust evaluation scheme for cloud
Jo

environment," Computers & Security, vol. 91, p. 101722, 2020/04/01/ 2020.

[36] M. Chiregi and N. Jafari Navimipour, "Cloud computing and trust evaluation: A systematic
literature review of the state-of-the-art mechanisms," Journal of Electrical Systems and
Information Technology, vol. 5, no. 3, pp. 608-622, 2018/12/01/ 2018.
[37] L. Gu, J. Wang, and B. Sun, "Trust management mechanism for Internet of Things," China
Communications, vol. 11, no. 2, pp. 148-156, 2014.
[38] M. Nabati, M. Maadani, and M. A. Pourmina, "AGEN-AODV: An Intelligent Energy-Aware
Routing Protocol for Heterogeneous Mobile Ad-hoc Networks," Mobile Networks and
Applications, pp. 1-15, 2021.
[39] B. Pourghebleh, K. Wakil, and N. J. Navimipour, "A Comprehensive Study on the Trust
Management Techniques in the Internet of Things," IEEE Internet of Things Journal, vol. 6, no.
6, pp. 9326-9337, 2019.
[40] U. Jayasinghe, A. Otebolaku, T. Um, and G. M. Lee, "Data centric trust evaluation and prediction
framework for IOT," in 2017 ITU Kaleidoscope: Challenges for a Data-Driven Society (ITU K),
2017, pp. 1-7.
[41] P. Wang and P. Zhang, "A Review on Trust Evaluation for Internet of Things," presented at the
Proceedings of the 9th EAI International Conference on Mobile Multimedia Communications,
Xi'an, China, 2016.

42
[42] W. Z. Khan, M. Y. Aalsalem, M. K. Khan, and Q. Arshad, "Enabling Consumer Trust Upon
Acceptance of IoT Technologies Through Security and Privacy Model," in Advanced Multimedia
and Ubiquitous Engineering, Singapore, 2016: Springer Singapore, pp. 111-117.
[43] S. Chen, H. Xu, D. Liu, B. Hu, and H. Wang, "A Vision of IoT: Applications, Challenges, and
Opportunities With China Perspective," IEEE Internet of Things Journal, vol. 1, no. 4, pp. 349-
359, 2014.
[44] G. Zhang, T. Wang, G. Wang, A. Liu, and W. Jia, "Detection of hidden data attacks combined
fog computing and trust evaluation method in sensor-cloud system," Concurrency and
Computation: Practice and Experience, vol. n/a, no. n/a, p. e5109.
[45] Z. Banković, J. C. Vallejo, D. Fraga, and J. M. Moya, "Detecting Bad-Mouthing Attacks on
Reputation Systems Using Self-Organizing Maps," in Computational Intelligence in Security for
Information Systems, Berlin, Heidelberg, 2011: Springer Berlin Heidelberg, pp. 9-16.
[46] M. Ghafoorian, D. Abbasinezhad-Mood, and H. Shakeri, "A Thorough Trust and Reputation
Based RBAC Model for Secure Data Storage in the Cloud," IEEE Transactions on Parallel and
Distributed Systems, vol. 30, no. 4, pp. 778-788, 2019.

of
[47] Z. Yan, P. Zhang, and A. V. Vasilakos, "A survey on trust management for Internet of Things,"
Journal of Network and Computer Applications, vol. 42, pp. 120-134, 2014/06/01/ 2014.

ro
[48] T. H. Noor, Q. Z. Sheng, Z. Maamar, and S. Zeadally, "Managing Trust in the Cloud: State of the
Art and Research Challenges," Computer, vol. 49, no. 2, pp. 34-45, 2016.

-p
[49] J. Guo, I.-R. Chen, and J. J. P. Tsai, "A survey of trust computation models for service
management in internet of things systems," Computer Communications, vol. 97, pp. 1-14,
re
2017/01/01/ 2017.
[50] I. U. Din, M. Guizani, B. Kim, S. Hassan, and M. K. Khan, "Trust Management Techniques for
the Internet of Things: A Survey," IEEE Access, vol. 7, pp. 29763-29787, 2019.
lP

[51] U. Ahmed, I. Raza, and S. A. Hussain, "Trust Evaluation in Cross-Cloud Federation: Survey and
Requirement Analysis," ACM Comput. Surv., vol. 52, no. 1, p. Article 19, 2019.
na

[52] A. I. A. Ahmed, S. H. Ab Hamid, A. Gani, S. khan, and M. K. Khan, "Trust and reputation for
Internet of Things: Fundamentals, taxonomy, and open research challenges," Journal of Network
and Computer Applications, vol. 145, p. 102409, 2019/11/01/ 2019.
ur

[53] A. Altaf, H. Abbas, F. Iqbal, and A. Derhab, "Trust models of internet of smart things: A survey,
open issues, and future directions," Journal of Network and Computer Applications, vol. 137, pp.
Jo

93-111, 2019/07/01/ 2019.

[54] A. Sharma, E. S. Pilli, A. P. Mazumdar, and P. Gera, "Towards trustworthy Internet of Things: A
survey on Trust Management applications and schemes," Computer Communications, vol. 160,
pp. 475-493, 2020/07/01/ 2020.
[55] S. M. Muzammal, R. K. Murugesan, and N. Z. Jhanjhi, "A Comprehensive Review on Secure
Routing in Internet of Things: Mitigation Methods and Trust-based Approaches," IEEE Internet
of Things Journal, pp. 1-1, 2020.
[56] A. Alwarafy, K. A. Al-Thelaya, M. Abdallah, J. Schneider, and M. Hamdi, "A Survey on
Security and Privacy Issues in Edge Computing-Assisted Internet of Things," IEEE Internet of
Things Journal, pp. 1-1, 2020.
[57] K. Mahmud and M. Usman, "Trust Establishment and Estimation in Cloud Services: A
Systematic Literature Review," Journal of Network and Systems Management, vol. 27, no. 2, pp.
489-540, 2019/04/01 2019.
[58] V. Mohammadi, A. M. Rahmani, A. M. Darwesh, and A. Sahafi, "Trust-based recommendation
systems in Internet of Things: a systematic literature review," Human-centric Computing and
Information Sciences, vol. 9, no. 1, p. 21, 2019/06/03 2019.
[59] R. K. Chahal, N. Kumar, and S. Batra, "Trust management in social Internet of Things: A
taxonomy, open issues, and challenges," Computer Communications, vol. 150, pp. 13-46,
2020/01/15/ 2020.

43
[60] M. Haghi Kashani, A. M. Rahmani, and N. Jafari Navimipour, "Quality of service-aware
approaches in fog computing," International Journal of Communication Systems, vol. 33, no. 8,
p. e4340, 2020.
[61] S. Bazzaz Abkenar, M. Haghi Kashani, E. Mahdipour, and S. M. Jameii, "Big data analytics
meets social media: A systematic review of techniques, open issues, and future directions,"
Telematics and Informatics, vol. 57, p. 101517, 2021/03/01/ 2021.
[62] M. Songhorabadi, M. Rahimi, A. M. M. Farid, and M. H. Kashani, "Fog Computing Approaches
in Smart Cities: A State-of-the-Art Review," arXiv preprint arXiv:2011.14732, 2020.
[63] S. B. Abkenar, M. H. Kashani, M. Akbari, and E. Mahdipour, "Twitter Spam Detection: A
Systematic Review," arXiv preprint arXiv:2011.14754, 2020.
[64] M. H. Kashani, A. Ahmadzadeh, and E. Mahdipour, "Load balancing mechanisms in fog
computing: A systematic review," arXiv preprint arXiv:2011.14706, 2020.
[65] M. H. Kashani, M. Madanipour, M. Nikravan, P. Asghari, and E. Mahdipour, "A systematic
review of IoT in healthcare: Applications, techniques, and trends," Journal of Network and
Computer Applications, vol. 192, p. 103164, 2021/07/22/ 2021.

of
[66] Z. Ahmadi, M. Haghi Kashani, M. Nikravan, and E. Mahdipour, "Fog-based healthcare systems:
A systematic review," Multimedia Tools and Applications, vol. 80, no. 30, pp. 36361-36400,

ro
2021/12/01 2021.
[67] M. Sheikh Sofla, M. Haghi Kashani, E. Mahdipour, and R. Faghih Mirzaee, "Towards effective

-p
offloading mechanisms in fog computing," Multimedia Tools and Applications, vol. 81, no. 2, pp.
1997–2042, 2022.
re
[68] M. Fathi, M. Haghi Kashani, S. M. Jameii, and E. Mahdipour, "Big data analytics in weather
forecasting: A systematic review," Archives of Computational Methods in Engineering, submitted
for publication, vol. 29, no. 2, pp. 1247-1275, 2022.
lP

[69] Y. Karimi, M. Haghi Kashani, M. Akbari, and E. Mahdipour, "Leveraging big data in smart
cities: A systematic review," Concurrency and Computation: Practice and Experience, submitted
na

for publication, vol. 33, no. 21, 2021.

[70] B. Kitchenham, O. Pearl Brereton, D. Budgen, M. Turner, J. Bailey, and S. Linkman, "Systematic
literature reviews in software engineering – A systematic literature review," Information and
ur

Software Technology, vol. 51, no. 1, pp. 7-15, 2009/01/01/ 2009.

[71] B. Kitchenham, "Procedures for performing systematic reviews," Keele, UK, Keele University,
Jo

vol. 33, pp. 1-26, 2004.

[72] F. Dewanta and M. Mambo, "Bidding Price-Based Transaction: Trust Establishment for
Vehicular Fog Computing Service in Rural Area," in 2019 IEEE International Conference on
Pervasive Computing and Communications Workshops (PerCom Workshops), 2019, pp. 882-887.
[73] T. Wang, L. Qiu, A. K. Sangaiah, G. Xu, and A. Liu, "Energy-Efficient and Trustworthy Data
Collection Protocol Based on Mobile Fog Computing in Internet of Things," IEEE Transactions
on Industrial Informatics, vol. 16, no. 5, pp. 3531-3539, 2020.
[74] T. Wang et al., "Fog-Based Evaluation Approach for Trustworthy Communication in Sensor-
Cloud System," IEEE Communications Letters, vol. 21, no. 11, pp. 2532-2535, 2017.
[75] W. Fang, W. Zhang, W. Chen, Y. Liu, and C. Tang, "TMSRS: trust management-based secure
routing scheme in industrial wireless sensor network with fog computing," Wireless Networks,
2019/09/07 2019.
[76] M. Cinque, C. Esposito, and S. Russo, "Trust Management in Fog/Edge Computing by Means of
Blockchain Technologies," in 2018 IEEE International Conference on Internet of Things
(iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber,
Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2018, pp. 1433-
1439.
[77] F. H. Rahman, T. W. Au, S. H. S. Newaz, and W. S. Suhaili, "Trustworthiness in Fog: A Fuzzy
Approach," presented at the Proceedings of the 2017 VI International Conference on Network,

44
 Communication and Computing, Kunming, China, 2017. [Online]. Available:
https://doi.org/10.1145/3171592.3171606.
[78] Z. Gao et al., "A Credible and Lightweight Multidimensional Trust Evaluation Mechanism for
Service-Oriented IoT Edge Computing Environment," in 2019 IEEE International Congress on
Internet of Things (ICIOT), 2019, pp. 156-164.
[79] J. Yuan and X. Li, "A Reliable and Lightweight Trust Computing Mechanism for IoT Edge
Devices Based on Multi-Source Feedback Information Fusion," IEEE Access, vol. 6, pp. 23626-
23638, 2018.
[80] T. Wang, H. Luo, X. Zheng, and M. Xie, "Crowdsourcing Mechanism for Trust Evaluation in
CPCS Based on Intelligent Mobile Edge Computing," ACM Trans. Intell. Syst. Technol., vol. 10,
no. 6, p. Article 62, 2019.
[81] X. Xu, X. Liu, Z. Xu, F. Dai, X. Zhang, and L. Qi, "Trust-Oriented IoT Service Placement for
Smart Cities in Edge Computing," IEEE Internet of Things Journal, pp. 1-1, 2019.
[82] K. N. Qureshi, A. Iftikhar, S. N. Bhatti, F. Piccialli, F. Giampaolo, and G. Jeon, "Trust
management and evaluation for edge intelligence in the Internet of Things," Engineering

of
Applications of Artificial Intelligence, vol. 94, p. 103756, 2020/09/01/ 2020.
[83] L. Xiao et al., "A Reinforcement Learning and Blockchain-Based Trust Mechanism for Edge

ro
Networks," IEEE Transactions on Communications, vol. 68, no. 9, pp. 5460-5470, 2020.
[84] R. Priyadarshini, N. Malarvizhi, and P. Karthikeyan, "ESTIMATION OF TRUST USING

-p
LOGISTIC REGRESSION IN FOG COMPUTING," Microprocessors and Microsystems, p.
104026, 2021/01/14/ 2021.
re
[85] V. L. Hallappanavar and M. N. Birje, "Prediction of quality of service of fog nodes for service
recommendation in fog computing based on trustworthiness of users," Journal of Reliable
Intelligent Environments, 2021/07/18 2021.
lP

[86] P. Zhou et al., "Trustworthy and Context-Aware Distributed Online Learning with Autoscaling
for Content Caching in Collaborative Mobile Edge Computing," IEEE Transactions on Cognitive
na

Communications and Networking, pp. 1-1, 2021.

[87] Z. Zhang, Z. Xu, G. Wu, J. Wang, H. Ren, and G. Yuan, "Trust-Aware Service Chaining in
Mobile Edge Clouds with VNF Sharing," in 2021 IEEE 24th International Conference on
ur

Computer Supported Cooperative Work in Design (CSCWD), 2021, pp. 410-415.

[88] V. Meena, M. Gorripatti, and T. Suriya Praba, "Trust Enforced Computational Offloading for
Jo

Health Care Applications in Fog Computing," Wireless Personal Communications, vol. 119, no.
2, pp. 1369-1386, 2021/07/01 2021.
[89] M. Kahla, M. Azab, and A. Mansour, "Secure, Resilient, and Self-Configuring Fog Architecture
for Untrustworthy IoT Environments," in 2018 17th IEEE International Conference On Trust,
Security And Privacy In Computing And Communications/ 12th IEEE International Conference
On Big Data Science And Engineering (TrustCom/BigDataSE), 2018, pp. 49-54.
[90] G. Tur and M. N. Homsi, "Cost-sensitive classifier for spam detection on news media Twitter
accounts," in Computer Conference (CLEI), 2017 XLIII Latin American, 2017: IEEE, pp. 1-6.
[91] P. Kochovski, S. Gec, V. Stankovski, M. Bajec, and P. D. Drobintsev, "Trust management in a
blockchain based fog computing platform with trustless smart oracles," Future Generation
Computer Systems, vol. 101, pp. 747-759, 2019/12/01/ 2019.
[92] Z. Gao et al., "A Light-weight Trust Mechanism for Cloud-Edge Collaboration Framework," in
2019 IEEE 27th International Conference on Network Protocols (ICNP), 2019, pp. 1-6.
[93] Q. Xu, Z. Su, Y. Wang, and M. Dai, "A Trustworthy Content Caching and Bandwidth Allocation
Scheme With Edge Computing for Smart Campus," IEEE Access, vol. 6, pp. 63868-63879, 2018.
[94] J. Xia, G. Cheng, S. Gu, and D. Guo, "Secure and Trust-Oriented Edge Storage for Internet of
Things," IEEE Internet of Things Journal, pp. 1-1, 2019.
[95] W. B. Daoud, M. S. Obaidat, A. Meddeb-Makhlouf, F. Zarai, and K.-F. Hsiao, "TACRM: trust
access control and resource management mechanism in fog computing," Human-centric
Computing and Information Sciences, vol. 9, no. 1, p. 28, 2019/07/22 2019.

45
[96] F. Jiang and H.-W. Tseng, "Trust model for wireless network security based on the edge
computing," Microsystem Technologies, 2019/05/20 2019.
[97] A. K. Junejo, N. Komninos, M. Sathiyanarayanan, and B. S. Chowdhry, "Trustee: A Trust
Management System for Fog-enabled Cyber Physical Systems," IEEE Transactions on Emerging
Topics in Computing, pp. 1-1, 2019.
[98] M. S. Haghighi, M. Ebrahimi, S. Garg, and A. Jolfaei, "Intelligent Trust-based Public Key
Management for IoT by Linking Edge Devices in a Fog Architecture," IEEE Internet of Things
Journal, pp. 1-1, 2020.
[99] F. Qiao, J. Wu, J. Li, A. K. Bashir, S. Mumtaz, and U. Tariq, "Trustworthy Edge Storage
Orchestration in Intelligent Transportation Systems Using Reinforcement Learning," IEEE
Transactions on Intelligent Transportation Systems, pp. 1-14, 2020.
[100] F. Nawab, "WedgeChain: A Trusted Edge-Cloud Store With Asynchronous (Lazy) Trust," in
2021 IEEE 37th International Conference on Data Engineering (ICDE), 2021, pp. 408-419.
[101] Y. Ouyang, W. Liu, Q. Yang, X. Mao, and F. Li, "Trust based task offloading scheme in UAV-
enhanced edge computing network," Peer-to-Peer Networking and Applications, 2021/04/13

of
2021.
[102] F. Hosseinpour, A. S. Siddiqui, J. Plosila, and H. Tenhunen, "A Security Framework for Fog

ro
Networks Based on Role-Based Access Control and Trust Models," in Research and Practical
Issues of Enterprise Information Systems, Cham, 2018: Springer International Publishing, pp.

-p
168-180.
[103] G. Rathee, R. Sandhu, H. Saini, M. Sivaram, and V. Dhasarathan, "A trust computed framework
re
for IoT devices and fog computing environment," Wireless Networks, 2019/07/29 2019.
[104] S. A. Soleymani et al., "A Secure Trust Model Based on Fuzzy Logic in Vehicular Ad Hoc
Networks With Fog Computing," IEEE Access, vol. 5, pp. 15619-15629, 2017.
lP

[105] F. H. Rahman, T.-W. Au, S. H. S. Newaz, W. S. Suhaili, and G. M. Lee, "Find my trustworthy
fogs: A fuzzy-based trust evaluation framework," Future Generation Computer Systems,
na

2018/06/15/ 2018.
[106] H. Tajalizadeh and R. Boostani, "A novel stream clustering framework for spam detection in
twitter," IEEE Transactions on Computational Social Systems, vol. 6, no. 3, pp. 525-534, 2019.
ur

[107] M. Bazm, M. Lacoste, M. Südholt, and J. Menaud, "Secure Distributed Computing on Untrusted
Fog Infrastructures Using Trusted Linux Containers," in 2018 IEEE International Conference on
Jo

Cloud Computing Technology and Science (CloudCom), 2018, pp. 239-242.

[108] E. Alemneh, S.-M. Senouci, P. Brunet, and T. Tegegne, "A two-way trust management system for
fog computing," Future Generation Computer Systems, vol. 106, pp. 206-220, 2020/05/01/ 2020.
[109] Y. Hussain and Z. Huang, "TRFIoT: Trust and Reputation Model for Fog-based IoT," in Cloud
Computing and Security, Cham, 2018: Springer International Publishing, pp. 187-198.
[110] T. Wang, L. Qiu, G. Xu, A. K. Sangaiah, and A. Liu, "Energy-efficient and trustworthy data
collection protocol based on mobile fog computing in Internet of Things," IEEE Transactions on
Industrial Informatics, 2019.
[111] V. Sharma, I. You, D. N. K. Jayakody, and M. Atiquzzaman, "Cooperative trust relaying and
privacy preservation via edge-crowdsourcing in social Internet of Things," Future Generation
Computer Systems, vol. 92, pp. 758-776, 2019/03/01/ 2019.
[112] T. Wang, L. Qiu, A. K. Sangaiah, A. Liu, M. Z. A. Bhuiyan, and Y. Ma, "Edge Computing based
Trustworthy Data Collection Model in the Internet of Things," IEEE Internet of Things Journal,
pp. 1-1, 2020.
[113] Q. Xu, Z. Su, and Q. Yang, "Blockchain-Based Trustworthy Edge Caching Scheme for Mobile
Cyber-Physical System," IEEE Internet of Things Journal, vol. 7, no. 2, pp. 1098-1110, 2020.
[114] D. Wu, G. Shen, Z. Huang, Y. Cao, and T. Du, "A Trust-Aware Task Offloading Framework in
Mobile Edge Computing," IEEE Access, vol. 7, pp. 150105-150119, 2019.
[115] S. O. Ogundoyin and I. A. Kamil, "A Fuzzy-AHP based prioritization of trust criteria in fog
computing services," Applied Soft Computing, vol. 97, p. 106789, 2020/12/01/ 2020.

46
[116] S. Forti, G.-L. Ferrari, and A. Brogi, "Secure Cloud-Edge Deployments, with Trust," Future
Generation Computer Systems, vol. 102, pp. 775-788, 2020/01/01/ 2020.
[117] Y. Jararweh, S. Otoum, and I. A. Ridhawi, "Trustworthy and sustainable smart city services at the
edge," Sustainable Cities and Society, vol. 62, p. 102394, 2020/11/01/ 2020.
[118] J. Liang, M. Zhang, and V. C. M. Leung, "A Reliable Trust Computing Mechanism Based on
Multisource Feedback and Fog Computing in Social Sensor Cloud," IEEE Internet of Things
Journal, vol. 7, no. 6, pp. 5481-5490, 2020.
[119] Y. Hussain et al., "Context-Aware Trust and Reputation Model for Fog-Based IoT," IEEE
Access, vol. 8, pp. 31622-31632, 2020.
[120] F. H. Rahman, S. H. S. Newaz, T. W. Au, W. S. Suhaili, and G. M. Lee, "Off-Street Vehicular
Fog for Catering Applications in 5G/B5G: A Trust-Based Task Mapping Solution and Open
Research Issues," IEEE Access, vol. 8, pp. 117218-117235, 2020.
[121] I. Chuang, S. Huang, W. Chao, J. Tsai, and Y. Kuo, "TIDES: A Trust-Aware IoT Data Economic
System With Blockchain-Enabled Multi-Access Edge Computing," IEEE Access, vol. 8, pp.
85839-85855, 2020.

of
[122] X. Deng, J. Liu, L. Wang, and Z. Zhao, "A trust evaluation system based on reputation data in
Mobile edge computing network," Peer-to-Peer Networking and Applications, vol. 13, no. 5, pp.

ro
1744-1755, 2020/09/01 2020.
[123] B. Jiang, G. Huang, T. Wang, J. Gui, and X. Zhu, "Trust based energy efficient data collection

-p
with unmanned aerial vehicle in edge network," Transactions on Emerging Telecommunications
Technologies, https://doi.org/10.1002/ett.3942 vol. n/a, no. n/a, p. e3942, 2020/03/17 2020.
re
[124] S. O. Ogundoyin and I. A. Kamil, "A trust management system for fog computing services,"
Internet of Things, vol. 14, p. 100382, 2021/06/01/ 2021.
[125] P. K. Lahiri, D. Das, W. Mansoor, S. Banerjee, and P. Chatterjee, "A Trustworthy Blockchain
lP

based framework for Impregnable IoV in Edge Computing," in 2020 IEEE 17th International
Conference on Mobile Ad Hoc and Sensor Systems (MASS), 2020, pp. 26-31.
na

[126] S. V. Simpson and G. Nagarajan, "An edge based trustworthy environment establishment for
internet of things: an approach for smart cities," Wireless Networks, 2021/06/04 2021.
[127] S. Hu, S. Huang, J. Huang, and J. Su, "Blockchain and edge computing technology enabling
ur

organic agricultural supply chain: A framework solution to trust crisis," Computers & Industrial
Engineering, vol. 153, p. 107079, 2021/03/01/ 2021.
Jo

[128] A. Bhargava and S. Verma, "DEIT: Dempster Shafer Theory-based edge-centric Internet of
Things-specific trust model," Transactions on Emerging Telecommunications Technologies, vol.
32, no. 6, p. e4248, 2021.
[129] H. El-Sayed, S. Zeadally, M. Khan, and H. Alexander, "Edge-centric trust management in
vehicular networks," Microprocessors and Microsystems, vol. 84, p. 104271, 2021/07/01/ 2021.
[130] Q. Cui, Z. Zhu, W. Ni, X. Tao, and P. Zhang, "Edge-Intelligence-Empowered, Unified
Authentication and Trust Evaluation for Heterogeneous Beyond 5G Systems," IEEE Wireless
Communications, vol. 28, no. 2, pp. 78-85, 2021.
[131] X. Lin, J. Wu, J. Li, X. Zheng, and G. Li, "Friend-as-Learner: Socially-Driven Trustworthy and
Efficient Wireless Federated Edge Learning," IEEE Transactions on Mobile Computing, pp. 1-1,
2021.
[132] I. U. Din, A. Bano, K. A. Awan, A. Almogren, A. Altameem, and M. Guizani, "LightTrust:
Lightweight Trust Management for Edge Devices in Industrial Internet of Things," IEEE Internet
of Things Journal, pp. 1-1, 2021.
[133] T. Wang et al., "Mobile edge-enabled trust evaluation for the Internet of Things," Information
Fusion, vol. 75, pp. 90-100, 2021/11/01/ 2021.
[134] L. Zhang, Y. Zou, W. Wang, Z. Jin, Y. Su, and H. Chen, "Resource allocation and trust
computing for blockchain-enabled edge computing system," Computers & Security, vol. 105, p.
102249, 2021/06/01/ 2021.

47
[135] Q. Zhang, J. Wu, M. Zanella, W. Yang, A. K. Bashir, and W. Fornaciari, "Sema-IIoVT:
Emergent Semantic-Based Trustworthy Information-Centric Fog System and Testbed for
Intelligent Internet of Vehicles," IEEE Consumer Electronics Magazine, pp. 1-1, 2021.
[136] F. Bai, T. Shen, Z. Yu, K. Zeng, and B. Gong, "Trustworthy Blockchain-Empowered
Collaborative Edge Computing-as-a-Service Scheduling and Data Sharing in the IIoE," IEEE
Internet of Things Journal, pp. 1-1, 2021.
[137] N. Mazumdar, A. Nag, and J. P. Singh, "Trust-based load-offloading protocol to reduce service
delays in fog-computing-empowered IoT," Computers & Electrical Engineering, vol. 93, p.
107223, 2021/07/01/ 2021.
[138] J. Al Muhtadi, R. A. Alamri, F. A. Khan, and K. Saleem, "Subjective logic-based trust model for
fog computing," Computer Communications, 2021/06/08/ 2021.
[139] P. Singh, A. Kaur, R. S. Batth, G. S. Aujla, and M. Masud, "Service vs Protection: A Bayesian
Learning Approach for Trust Provisioning in Edge of Things Environment," IEEE Internet of
Things Journal, pp. 1-1, 2021.
[140] S. A. Soleymani, S. Goudarzi, M. H. Anisi, M. Zareei, A. H. Abdullah, and N. Kama, "A security

of
and privacy scheme based on node and message authentication and trust in fog-enabled VANET,"
Vehicular Communications, vol. 29, p. 100335, 2021/06/01/ 2021.

ro
[141] P. Krishnan, S. Duttagupta, and K. Achuthan, "SDN/NFV security framework for fog-to-things
computing infrastructure," Software: Practice and Experience, https://doi.org/10.1002/spe.2761

-p
vol. 50, no. 5, pp. 757-800, 2020/05/01 2020.
[142] P. Zhang, M. Durresi, and A. Durresi, "Multi-access edge computing aided mobility for privacy
re
protection in Internet of Things," Computing, vol. 101, no. 7, pp. 729-742, 2019/07/01 2019.
[143] M. Mukherjee et al., "Security and Privacy in Fog Computing: Challenges," IEEE Access, vol. 5,
pp. 19293-19304, 2017.
lP

[144] G. Dólera Tormo, F. Gómez Mármol, and G. Martínez Pérez, "Dynamic and flexible selection of
a reputation mechanism for heterogeneous environments," Future Generation Computer Systems,
na

vol. 49, pp. 113-124, 2015/08/01/ 2015.

[145] S. Namal, H. Gamaarachchi, G. MyoungLee, and T. Um, "Autonomic trust management in cloud-
based and highly dynamic IoT applications," in 2015 ITU Kaleidoscope: Trust in the Information
ur

Society (K-2015), 2015, pp. 1-8.

[146] B. Carbunar and R. Sion, "Uncheatable Reputation for Distributed Computation Markets," in
Jo

Financial Cryptography and Data Security, Berlin, Heidelberg, 2006: Springer Berlin
Heidelberg, pp. 96-110.
[147] R. Kerr and R. Cohen, "Modeling trust using transactional, numerical units," presented at the
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap
Between PST Technologies and Business Services, Markham, Ontario, Canada, 2006. [Online].
Available: https://doi.org/10.1145/1501434.1501460.
[148] I. Chen, J. Guo, and F. Bao, "Trust Management for SOA-Based IoT and Its Application to
Service Composition," IEEE Transactions on Services Computing, vol. 9, no. 3, pp. 482-495,
2016.
[149] W. Rafique, L. Qi, I. Yaqoob, M. Imran, R. U. Rasool, and W. Dou, "Complementing IoT
Services Through Software Defined Networking and Edge Computing: A Comprehensive
Survey," IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1761-1804, 2020.
[150] S. Rathore, B. Wook Kwon, and J. H. Park, "BlockSecIoTNet: Blockchain-based decentralized
security architecture for IoT network," Journal of Network and Computer Applications, vol. 143,
pp. 167-177, 2019/10/01/ 2019.
[151] M. Zhaofeng, W. Xiaochang, D. K. Jain, H. Khan, G. Hongmin, and W. Zhen, "A Blockchain-
Based Trusted Data Management Scheme in Edge Computing," IEEE Transactions on Industrial
Informatics, vol. 16, no. 3, pp. 2013-2021, 2020.

48
[152] J. Wang, L. Wu, K. R. Choo, and D. He, "Blockchain-Based Anonymous Authentication With
Key Management for Smart Grid Edge Computing Infrastructure," IEEE Transactions on
Industrial Informatics, vol. 16, no. 3, pp. 1984-1992, 2020.
[153] M. T. Hammi, B. Hammi, P. Bellot, and A. Serhrouchni, "Bubbles of Trust: A decentralized
blockchain-based authentication system for IoT," Computers & Security, vol. 78, pp. 126-142,
2018/09/01/ 2018.
[154] A. Nawaz, T. N. Gia, J. P. Queralta, and T. Westerlund, "Edge AI and Blockchain for Privacy-
Critical and Data-Sensitive Applications," in 2019 Twelfth International Conference on Mobile
Computing and Ubiquitous Network (ICMU), 2019, pp. 1-2.
[155] Y.-S. Jeong and Y.-H. Yon, "A blockchain-based IoT data management scheme using Bernoulli
distribution convergence in the mobile edge computing," Personal and Ubiquitous Computing,
2020/10/22 2020.
[156] K. Sood, K. K. Karmakar, S. Yu, V. Varadharajan, S. R. Pokhrel, and Y. Xiang, "Alleviating
Heterogeneity in SDN-IoT Networks to Maintain QoS and Enhance Security," IEEE Internet of
Things Journal, vol. 7, no. 7, pp. 5964-5975, 2020.

of
ro
-p
re
lP
na
ur
Jo

49
 Mohammad Nikravan received his B.Sc. in Computer Software Engineering from the Islamic Azad
University, Mashhad Branch, Iran, in 2002. He also received an M.Sc. degree in Computer Software from
the South Tehran Branch, Islamic Azad University, Tehran, Iran, in 2005 and a Ph.D. degree in Computer
Software from the Department of Computer Engineering, Science and Research Branch, Islamic Azad
University, Tehran, Iran in 2018. Currently, he is an assistant professor of the Department of Computer
Engineering Shahr-e-Qods Branch, Islamic Azad University, Iran. His research interests include the Internet of things,
6LoWPAN networks and cryptography, and network security.

Mostafa Haghi Kashani received his B.S. in Computer Engineering from Kashan Branch of IAU, Iran,
in 1999 and the M.S. in Computer Software Engineering from South Tehran Branch of IAU, Iran in 2002.
He is currently a full-time Ph.D. Candidate in Computer Engineering-Software Systems at Science and
Research Branch of IAU, Tehran, Iran. He is a researcher and lecturer in the Department of Computer
Engineering at IAU University. His research interests include distributed systems, fog/edge computing,
IoT, smart environments, big data, and evolutionary computing. He serves as an Editor for Frontiers in Big Data and
Frontiers in Artificial Intelligence. He has acted as a reviewer in several international journals, including the IEEE

of
Transactions on Industrial Informatics, IEEE Internet of Things Journal, International Journal of Communication
Systems (Wiley), Multimedia Tools and Applications (Springer), the Journal of Supercomputing (Springer),

ro
Sustainable Computing: Informatics and Systems (Elsevier), and other top journals in the field.

-p
re
lP
na
ur
Jo
 Declaration of interests

☒ The authors declare that they have no known competing financial interests or personal relationships
that could have appeared to influence the work reported in this paper.

☐The authors declare the following financial interests/personal relationships which may be considered
as potential competing interests:

of
ro
-p
re
lP
na
ur
Jo

View publication stats