Cutting-Edge Assets for Trust in 5G and Beyond: Requirements, State of the Art, Trends, and Challenges

Prior to describing the noteworthy properties and features that form most trust and reputation models, both concepts ought to be presented. Trust may be expressed in multiple ways depending on enforcement environments. Misztal [79] defined trust as “the belief that the person, who has a degree of freedom to disappoint our expectations, will meet an obligation under all circumstances over which they have control,” or by Mohammadi et al. [80] as “the risk of accepting or denying a decision,” to name but a couple. As a computer science concept, we may define trust as the mechanism to evaluate, establish, maintain, and revoke trustworthy relationships between entities of the same or different networks within one or multiple environments. In the case of reputation, this may be contemplated as “a perception that an agent creates through past behaviors about its intentions and norms” by Mui et al. [82]. Thus, reputation is interpreted as a feasible methodology to foresee the agent’s trust. Notwithstanding, reputation models are not the only methodology, as role-based trust models [20] and identity-based trust models [21] could also be considered as methodologies to predict an agent’s trustworthiness.

Trust and reputation models in turn comprehend a set of properties (generic characteristics to be employed by any trust model regardless of whether it is role based, attestation based, reputation based, etc.) and features (specific characteristics only considered by reputation-based trust models) that are understood independently of enforcement scenarios. Nevertheless, how these properties and features are addressed by the authors allow differentiating multiple trust and reputation approaches within the same enforcement scenario, as well as to obtain more accurate outputs. Therefore, we consider it crucial to briefly describe such properties and features before detailing how they are technically addressed in the proposals that will be introduced later in Section 4. Through the process of identifying a set of general properties and features in trust and reputation models, we have grouped them into the three main groups described in the following sections.

After defining a set of essential properties and features of trust and reputation models, this section endeavors to bring together the principal modules that form such models. Based on modules depicted in Figure 2, this section also broadly defines the main actions associated with each.

To our mind, these modules depict a basic and abstract functionality that ought to be shared by any trust and reputation model, regardless of the application area. In this sense, this section does not to display a convoluted model to cover a set of compulsory requirements in a specific scenario, but it describes a plain model that may be adapted to whatever scenario. In addition, it also covers a conventional subset of requirements according to 4G and 5G ecosystems such as zero-touch, privacy-preserving, trust across domains, and distributed nature. As Figure 2 showcases, we can infer that trust and reputation models are normally composed of the four key components introduced in the following.

Owing to the growth of 5G networks, novel business models are appearing where multi-stakeholder and shared infrastructure approaches play a pivotal role for them. In this regard, 5G and B5G ecosystems are being adjusted as a response to balance the rapidly evolving demand from tenants and users for data capacity, latency, bandwidth, and network coverage [2]. Hence, the connectivity to external data, service, and resources outside our 5G network is essential to cover certain tenant and user’s demands [109]. Bearing these needs in mind, the data network assets represent the principal actions related to the interconnection of different 5G networks, operators, and providers.

To provide the aforementioned capabilities, there are currently approaches that allow operators the trading of other providers’ services and resources [15]. In particular, Carrozzo et al. [19] proposed a distributed marketplace for 5G ecosystems that enabled the establishment of heterogeneous services and resources across different domains and operators, coping with the flexibility and dynamicity of 5G networks. Therefore, the data network assets should contemplate new multi-tenancy and multi-stakeholder scenario requirements such as dynamic cross-domain connections between 5G stakeholders, such as SPs, Service Consumer (SCs), and mobile network operators, among others, and efficient and scalable communications. Besides, the data network assets should be aware of context so as to make proper decisions on the leasing or building of new services and resources as well as avoid breaching business agreements such as Smart Contracts or SLAs. To deal with them, trust is a crucial characteristic to facilitate the fulfillment of the preceding requirements as well as to ensure suitable decisions. By means of trust models, the determination of the most honest stakeholders, on which our services and data will be deployed, may be done safely based on previous experience and/or recommendations. Furthermore, most trust models are contemplated as efficient approaches to establish trustworthy connections in multiple scenarios [90, 134], and therefore they also promote efficient and scalable communications.

Low network latency is one of the most relevant 5G and B5G network characteristics, and the slicing is contemplated as the principal enabler to achieve it. Network slicing is a network architecture that allows the segmentation of virtualized and independent logical networks using the same physical network infrastructure [69]. In particular, each slide enables network communication between 5G services and users’ equipment. The slicing asset contemplates all functions responsible to create and manage slices, mainly handled by the network function layer.

Yet building multiple virtual networks on an identical physical infrastructure also entails multiple security challenges [141]. Considering a set of applications and services’ specific requirements, an SP can supply a virtualized end-to-end environment that may be used by third parties (i.e., SCs). Such an end-to-end environment must provide an automated trust chain establishment, which is even more essential when it comes to cross-domain scenarios. Trust models may contribute to the establishment of end-to-end trustworthiness chains by determining not only an SP’s trust score but also other intermediary entities involved in the slicing process management. Another important network slicing requirement is its capability to scale and migrate flexibly, which involves that trust chains ought to be more dynamic than ones proposed on telecommunication networks (i.e., 3G and 4G). Ergo, trust models should manage trust chains dynamically and efficiently as well as evaluate the trustworthiness of all entities involved in slicing network services, not to mention the fulfillment of the whole lifecycle management following novel zero-touch approaches [13].

The stored data has an essential role in the decision-making process of multiple capabilities in 5G and B5G networks. As a matter of fact, data empowers other 5G technologies like artificial intelligence and its self-managing capabilities (zero-touch principle) in multiple contexts, such as security data monitoring, performance data monitoring, and SLA data monitoring [57]. Nevertheless, the proper functioning of technologies like artificial intelligence, among others, consists not only of the correct determination and configuration of algorithms themselves but also of data reliability and the security of data warehouses. Hence, the data storage asset showcases the principal factors to establish trust in data and its storage source.

As mentioned earlier, data and its storage source have a direct impact on the decision-making processes—for example, considering a scenario where an SC needs to purchase or lease certain services from a third party (an SP) and the final decision is partially conditioned by other SCs’ recommendations. When it comes to storing data, it is true that there are multiple technologies and some have a higher trustworthy degree in the data they store than others. In the case of Distributed Ledger Technologies (DLTs), they introduce paramount properties such as integrity and non-reputation that ensure data published in the DLT have not been manipulated after being shared [96]. However, DLTs should not be used to store (on-chain) huge amounts of data [55] in contrast to what data lakes or conventional databases may do. Data lakes and conventional databases may employ security mechanisms like policies, identity management, access controls, and so forth, so as to guarantee security and privacy-preserving, but they are also not able to ensure data credibility. Hence, regardless of the data warehouse used to store information, it should be checked whether the user’s information is reliable at the time it is utilized, regardless of if we guarantee integrity, non-repudiation, and privacy-preserving of the data. To cope with it, mechanisms such as user credibility or data credibility [52], related to trust models, may contribute to enhance both data confidentiality and the security of its storage repositories. In this vein, credibility mechanisms prognosticate how truthful a recommendation or statement is from previous personal experiences (direct trust) and other recommendations (indirect trust).

Given that 5G architectures are being built under the thought of a dynamic network environment triggered by heterogeneous and on-demand requirements, the cloud technology is massively utilized by 5G and B5G networks to provision on-demand services such as Function-as-a-Service (FaaS), Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) [16]. Thus, global supply chains are built and consumed by enterprises via cross-border services modeled by the cloud [138]. Such services may guarantee a better collaboration, transparency, and efficiency to business solutions. Therefore, the cloud assets group encompasses the principal cloud computing technologies employed in 5G and B5G as tools to ameliorate network capabilities.

Since cloud computing technologies mostly follow a decentralized approach [44, 146] and there is a multitude of providers of these services, it is important to be transparent with the services received. In this sense, user satisfaction about the consumed resources or services may be crucial to help the community in these cross-domain scenarios where many consumers have no information about providers and vice versa. Therefore, when determining which service to use, it would be useful to look at recommendations of other users to forecast how reliable both a provider and its services might be. For this purpose, a reputation-based trust model may be considered as a basis for determining trust based on the recommendations of users who make up a community. Regardless of the algorithm leveraged to assess cloud providers, the reputation models enable to dynamically define a set of trustworthy recommenders. These dynamic sets allow avoiding certain spiteful recommendations by determining providers’ benevolence [10], as well as building honest community that enables sharing personal experiences through interactions with other entities. Finally, it is worth mentioning that not only users may take advantage of trust models but also cloud providers—for instance, they can employ trust models to cluster tenants based on previous behaviors [124] and, in consequence, assign to them shared resources or services based on tenants’ trust scores.

Concerning the growth of on-demand services (see Section 3.4), new ways to design, build, and operate communication networks have emerged in the past years. Software-Defined Networks (SDNs) are a new paradigm that provides holistic, efficient, automatic, and cost-effective network management and provisioning. In terms of functionality, the SDN differs from previous networks in its decoupling of the control and packet forwarding via the control and the data plane, which has conducted it to be one of the leading 5G network technologies [12]. Nevertheless, SDNs not only bring potential benefits such as reducing the difficulty of network configuration functions but also introduce emerging threats [40] applicable to 5G and B5G that may generate a lack of trust between SDN assets. Hence, the SDN assets group contemplates the principal SDN architecture components (SDN network controller, control plane, application plane, and data plane) that may suffer an absence of trust during their lifecycle.

Due to the huge threat landscape that is appearing [75], several components are under the attackers’ spotlight. In the case of the application plane, it is possible to develop network applications that enable generating networking policies for the SDN control plane. However, the SDN architecture is not able to distinguish, in some cases, between a misbehavior application and a trustworthy application. Thus, the SDN architecture may be affected, and consequently it may decrease their network performance. By means of a trust management framework, malicious SDN applications could be identified since such a framework can continuously evaluate applications’ trust values based on their impact on the network performance (throughput, delay, packet loss, etc.) [135]. Moreover, it may also eradicate the default trust in some of the SDN architecture components. Hence, one of the key security problems in the SDN controller/control plane and application plane, which is related to the applications’ conflicts and detection of malicious applications, may be tackled through the contemplation of minimum trust value between components. For instance, an SDN controller may carry out a dynamic and secure selection of heterogeneous IoT devices by ensuring compliance with a trust threshold and, in consequence, preventing adversarial nodes [54]. Additionally, trust can also enhance the detection of misbehavior in the SDN data plane—for example, the use of trust models for prognosticating hybrid Distributed Denial of Service (DDoS) [42].

Together with SDNs, Network Functions Virtualization (NFV) is another paramount enabler for dynamic 5G and B5G networks. Despite the SDN potential to empower flexible and agile network management and provisioning, it is not able to supply the required capabilities to efficiently manage the lifecycle of network slices and their resources. In this vein, NFV architecture deals with these absences and is in charge of managing and orchestrating the infrastructure resources. Nonetheless, it possesses a complex architecture [86] that implies it to be prone to cyber-attacks such as tampering of received network packets before sending them to the next Virtual Network Functions (VNFs) [14]. Therefore, the NFV assets group is mainly composed of all network functions that are virtualized to move away from previous approaches based on proprietary dedicated hardware.

When it comes to NFV, NFV Infrastructure (NFVI) and VNFs are just some of the architecture components on trust properties that may be applied to ameliorate security capabilities. On the one hand, the NFVI has a higher attack surface than traditional hardware-based approaches since it may be affected by both threats related to the combination of multiple network domains and generic virtualization threats. To cope with some threats, the NFVI may contemplate trust as a stand-alone component that allows assessing the infrastructure trustworthiness and making it easier to integrate with the rest of the NFV architecture [27]. On the other hand, VNFs are software elements that tend to be validated and certificated during on-boarding and instantiation stages. In other words, VNFs are subjected to authenticity and integrity mechanisms so as to check whether the VNF software belongs to a trusted vendor/supplier. Traditionally, VNFs have leveraged binary/property-based attestation techniques that allow guaranteeing a trust score when VNFs are being instantiated [118]. However, these processes are usually not checked again during the active lifecycle because they usually generate hash-based functions that are compared at boot time with the original hash of the VNF. In this sense, trust is a continuous and dynamic mechanism that may be utilized, together with authenticity and integrity mechanisms, as a reputation management component capable of monitoring and evaluating the performance of VNFs to select the trustworthy ones [131]. On balance, trust mechanisms can be applied to the NFV architecture to build and assess the trustworthiness of its components along their lifecycle, as well as ensure the expected QoS.

Management and Orchestration (MANO) is an imperative component of the ETSI NFV architecture in charge of coordinating the entire set of network functions, their virtualization, and the lifecycle management [78]. MANO plays a pivotal role in 5G and B5G infrastructure environments to assure fleet and reliable NFV deployments at scale. Nevertheless, its pivotal role also involves significant impacts in the 5G infrastructure environment whether or not its components are affected. In this vein, the MANO assets group provides for the three principal functionalities of MANO: the NFV Orchestrator (NFVO), the VNF manager, and the virtual infrastructure manager.

On account of the important role covered by NFV Management and Orchestration (NFV-MANO) as well as its functionalities, an intermittent availability or weakening may put in jeopardy the 5G infrastructure security and, consequently, the proper functioning of the whole network. In the case of NFVO, should it be tampered or compromised by its natural behavior through malevolent actions on virtual infrastructure managers, it will entail a resource performance downgrading and even provoke a Denial of Service [72]. Thereby, it would be worthwhile to continuously analyze the behavior of some components like NFVO to build a trust chain that makes it easier to trust or distrust in their actions. Similarly, the MANO component may be employed to manage the trustworthiness of Virtual Machines (VMs) through binary and property-based attestation as well as static and dynamic information gathered by the VNF manager [118]. Regardless of contemplated trust mechanisms or tools, it is key to assure the availability, reliability, and resilience of three MANO functionalities to determine and set up the trust on them.

5G and B5G network telecommunications pretend to be characterized by flexible Radio Access Networks (RANs) where multiple entities [9], from different domains and/or locations, can make use of their capabilities. To allow the RAN’s capability access, it is bound to consider a set of security functions adapted to the distributed and decentralized nature of 5G and B5G networks that govern the resource access control and users’ trustworthiness. To cope with this, the RAN assets group stands for the hardware and logical components making up the functions of the RAN.

According to the expansion of 5G and B5G networks, previous protocols and networking concepts have had to evolve, and in consequence, new challenges and considerations have arisen—for instance, access control mechanisms. In terms of radio spectrum access, in the work of Okon et al. [85], it is contemplated that the use of blockchain is a mechanism to bring security, non-reputation, and reliability to business agreements. Because of blockchain, it is feasible to set up business agreements between mobile network operators in a distributed manner—for instance, privacy-preserving secure spectrum trading whereas tackling some security and privacy challenges concerning untrusted broadcast features and wireless transmission [95]. Furthermore, blockchain has a key role as a distributed trust authority and allows sharing immutable resource and service information among operators in a trustworthy and secure manner. In the end, trust may be introduced via multiple mechanisms, apart from conventional trust models. However, it continues to be a key element in most 5G and B5G architectures and components.

As can be observed in Figure 3, there are multiple relationships between the principal assets identified in 5G and B5G networks and the most relevant requirements presented in trust mechanisms (i.e., trust models). It should be pointed out that Figure 3 compiles the most critical requirements to be fulfilled by 5G trust models. In this regard, trust approaches are evolving to integrate new requirements as well as provide more sophisticated solutions [56]. Among such requirements, the zero-touch, efficiency, scalability, and cross-domain establishments are the most demanded ones for 5G assets, as can also be seen throughout Section 3.

On account of 5G expected capabilities such as low latency, huge bandwidth, and network coverage, the trading of services and resources has thoroughly engaged as an overwhelming solution to provision on-demand services as well as fulfilling the signed requirements. Thereby, we review solutions whose purpose is to ensure trustworthy interconnections between different 5G networks, operators, and providers. Table 1 compares the solutions detailed in this section, as well as recaps the properties and features described in Section 2.1. Note that the solutions described in this section do not follow a chronological order, like the rest of them, to provide better reading.

In this context, Wong [126] introduced a trust model that measured the security strength of networks and services. Concretely, it gathered information related to stakeholders’ vulnerabilities and risks, as well as network trustworthiness and behavior. Direct acyclic graphs together with Bayesian networks were leveraged to get direct trust and indirect acyclic graphs, in addition to Markov networks to obtain indirect trust relationships. Moreover, such graphs also allow visualizing relationships, dependencies, and independences in the ecosystem. The author used causal, evidential, and inter-causal reasonings to assess the trustworthiness, requiring more than 3,000 interactions to get stable evaluations when normal and abnormal incidents occur in the historical dataset. Alfantoukh et al. [5] proposed a generic reputation-based framework to help stakeholders in their decision-making processes. Such a framework also proposed a group decision-making model. To reach an agreement, each stakeholder proposed its solution(s) from its interest(s), and then they gave their opinion on one another where their global trust (reputation) was employed as a weight to influence decisions. Concerning the trust model, it was based on measurement theory and contemplated metrics such as the stakeholder’s usefulness by assessing decisions (impression). In terms of convergence, 98% reached an agreement using a 0.8 threshold or lower, regardless of random or normal distribution metrics. Also dealing with trust in multi-stakeholder environments, Arvidsson and Melander [10] underlined the relevance of trustworthiness for new product suppliers. Concretely, the authors attempted to clarify how to build trust in multi-stakeholder collaborations highlighting crucial properties such as honesty, benevolence, and transparency. Nonetheless, they only conducted a theoretical approach centered on relational aspects and their assumptions were not subsequently contrasted.

In addition to multi-stakeholder solutions, the data network group also refers to other assets such as operators and providers due to their pivotal role in the expansion of 5G networks [4, 45]. In the case of Zhu [145], he proposed a reputation-based model (MASPRep) to help consumers cope with dishonest providers. The service price, consumer’s feedback, collusion factor, and feedback reliability were taken into consideration as principal metrics to formulate the general trust equation. To check the proper functionality of his model, the Reputation Computing Error (RCE) measurement was leveraged to compare the results with the SPORAS, AVG, and C2CRep models. The experiments noted that MASPRep achieved 0.1 RCE before 27.2% of collusion consumers, although the C2CRep had better performance, and MASPRep detected reiterated defamatory feedback to the same provider. Similarly, Ahmed et al. [4] addressed trust as a multi-criteria decision-making problem for selecting a trustworthy SP. In this case, trust was composed of metrics such as competence, willingness, availability, timeliness, and honesty. In terms of computation algorithm, EFAHP (the entropy-based fuzzy analytic hierarchy process) was employed, as it tackles uncertainty, vagueness, and subjectivity (linked to multi-criteria solutions), and helps compute the aggregate weights of the comparison matrix. To verify the robustness of the presented model, the authors performed an experiment in which four SPs were set up as feasible candidates. A 2.12 entropy value predicted the second SP as the most reliable. Finally, Hassan et al. [45] also took into account trust as a zero-touch mechanism to manage reliable relationships between providers and consumers from reputation history, generated by the consumer’s feedback. Concretely, the authors presented a QoS model based on SLA parameters such as resource availability, resource success rate, efficiency, and data integrity. Additionally, the authors leveraged the variance or standard deviation to validate the credibility of consumers’ feedback and, in consequence, detect misbehavior of consumers. When it comes to performance evaluation, the enhanced QoS model showed that the availability and efficiency had better performance than the conventional QoS-based model, achieving a 0.92 transaction success rate.

In this section, we analyze solutions whose aim is to enhance the security capabilities of slice creation and management in 5G and B5G networks. At this point, it is worth mentioning that some approaches also intend to cover new requirements such as end-to-end trust chains and automatized trust establishments. Table 2 notes the similarities among the detailed approaches shown in the following.

In the slicing asset group, we can find the work of Niu et al. [83], who developed a trust degree calculation model for 5G network slicing service. This trust model gathered information from all active VNFs and their security requirements (subjective trust), users’ service-based experiences, and a reward and punishment mechanism based on pre-established security factors. The cloud model algorithm predicted the subjective trust and dealt with randomness and uncertainty problems. Besides, credibility was ensured by comparing user and network slice security parameters. Last, the authors checked the feasibility and effectiveness of their trust model emphasizing the relevance of weighting dimensions and the five penalty-free iterations to recover from a slice punishment. Sattar and Matrawy [103] worked on the optimal allocation of a slice guaranteeing slight end-to-end delay and on-demand intra-slice isolation between multiple slice components, increasing reliability and security. The degree of reliability, inspired by the work of Dietrich et al. [31], was part of an objective function based on Mixed-Integer Linear Programming (MILP). Note that the reliability ranged from 0 to 10, and the lower the number, the higher the degree of reliability since it referred to the number of VNFs placed within the same physical server. In the end, experiments showed that severe intra-slice isolation led to relatively lower CPU utilization and higher bandwidth. Varadharajan et al. [118] addressed similar research centered on the absence of trust on a network slice provision. Thus, they built a zero trust model along with binary/property-based attestation mechanisms to enhance the quality of decisions. The binary attestation took information about VNF implementation, whereas property attestation was related to behavioral properties. Besides, trust was assessed at the time of VNF formation, deployment on the VM, and before deploying it, three paramount requirements, by comparing hashed digest of all VNFs with the expected state. Finally, experiments conducted a plausible delay as the on-boarding process delay increased around 5% to 12% and the CPU usage accomplished 91.5% in contrast to 86.2% consumed without it.

Focused on wireless networks, Zhang et al. [139] elaborated a Trust-based Dynamic Slicing Mechanism (TDSM) for a proper selection of trustworthy cluster head nodes in wireless sensor networks. Each node acquired a specific role by sharing the current trust score to its nearest neighboring, with such a score then utilized to generate multiple clusters. The TDSM algorithm determined the number of slices by nodes’ trust scores, and following the criteria, the higher the trust score, the lower the number of slices. The results concluded that the TDSM dwindled communication overhead by almost 39.0%, 29.6%, and 16.8% compared with the SMART, EEHA, and HEEPP algorithms, reduced energy consumption, and ensured network privacy. Fontana et al. [36] proposed SMASH, a novel network slicing approach based on a reputation algorithm and neural networks to enhance performance. To determine the most suitable network, SMASH associated a reputation score with each one and its services from a multi-criteria QoS-based method. In terms of computation, the hidden levels were set up in two levels: one collected usage habits of the connection and another the minimum operating requirements. The results noted that the best validation performance was 0.06667 at epoch 15, and it caused a 3.8-ms delay and 1.5 packet loss rate compared with TYDER [30], in the worst case. Similar to Zhang et al. [139], Parvin et al. [89] also presented a trust-based solution for wireless sensor networks using network slicing. The principal objective was to distinguish requests between trustworthy and malicious nodes from previous interactions and recommendations. To cope with it, the authors divided the network into virtually primary and secondary networks that contacted a certificate authority to verify the candidate’s trust score and authenticate it. Despite that the newcomer’s issue was covered via triangular and reference trust value calculation methods, their solution cannot deal with malicious nodes that cast biased recommendations from the beginning.

Trustworthy and secure storage repositories are crucial to reputation-based models prior to the trust computation. In fact, such is the data relevance that the decision-making process is directly affected by the quality of the data, its credibility, and its reliability. Hence, this 5G asset group gathers trust-based solutions that evaluate feedback credibility and data reliability, as well as data warehouses. The difference between credibility and reliability should be pointed out in this context. The former refers to the validation and verification of gathered feedback from a recommender [120], and the latter represents the degree to which the result of a measurement can be depended on to be accurate. Table 3 summarizes the most relevant characteristics of each solution described in the following.

Concerning the credibility and reliability, Ahmed and Tepe [3] forecasted the credibility of recommendations through Logistic Trust (LT) and SecuredTrust in the Vehicular Ad Hoc Network (VANET). In the case of LT, it calculated recommendations’ similarity and consistency via the Jaccard index and the sum of the senders’ recommendations in time x, respectively. Contrary to LT, SecuredTrust was computed via the direct logarithmic function of similarity. The outputs showcased the LT filtered out incorrect recommendations better than SecuredTrust, with a 1.0% True-Positive Rate (TPR) and 0% False-Positive Rate (FPR) for LT versus 0.5% TPR and 0.2% FPR for SecuredTrust. In line with Ahmed and Tepe [3], Xia et al. [128] proposed a novel credibility assessment method in VANETs. The authors contemplated both subjective trust, employing the SCGM(1,1)-weighted Markov prediction algorithm, and recommendations based on a feedback mechanism. With regard to credibility, the authors took into account the TT (transient trust value) to check the accuracy of recommendations. Thus, a big deviation between TT and recommendation trust values was conducted to a false recommendation. In terms of performance, their trust model reached a higher detection rate (92% and 89%) than ART [66] (81% and 79%) and CAT [63] (84% and 78%) when there were 30% of malicious nodes carrying out on-off and bad-mouthing attacks. Samuel et al. [102] presented an innovative blockchain-based trust system to automatically manage dynamic multi-agent behaviors. To cope with it, they proposed a two-layer trust mechanism where the lower one was made up of direct trust, multi-source feedback, and an overall adaptive weighting function. The upper layer computed the credibility taking into consideration trust consistency (similarities between previous and new feedback), distortion (feedback dishonesty), and reliability (resilience to dishonest agents). Despite that 11 and 15 interactions were required to get optimal DT (around 0.135) and IT (around 0.03) values, such values do not seem to be very reliable, as their possible value lies between 0 and 1.

Focused on IoT scenarios, Wang et al. [123] proposed a trust evaluation model to guarantee atomic or combined reliable node chains in mobile edge nodes (TEM-MENs). To collect information, the Dijkstra algorithm was consumed. Besides, atomic chains gathered interactions, energy, and recommendations in multiple time windows, whereas combined chains were formulated as previous values from unique path nodes. Several experiments corroborated the TEM-MENs against NBBTE and AVTE algorithms, acquiring the highest detection rate (96%) and the lowest runtime (4 seconds). However, the data storage asset group also covers the trust data warehouse that is a fundamental process to build secure and reliable environments [65, 73]. Today, trust approaches built over blockchain techniques are gaining ground in the literature due to the extensive number of applications that can take advantage of them [137]. Li et al. [65] proposed a blockchain-based trust management approach for location privacy preservation in VANETs. In particular, the trust management model aimed at limiting and standardizing the behavior of vehicles as well as ensuring the data security of vehicles by recording trust information in the blockchain. Such a proposal analyzed vehicles’ behaviors from the rationality and authenticity of location information, and then checked the reliability of the current trust rating with the historical trust rating, before pushing new trust information to the blockchain. In terms of experiments, Li et al. [65] evaluated their trust model on the basis of on-off and bad-mouthing attack resilience. The former can affect around four rounds of transactions and then the malicious vehicle is removed, and the latter is perfectly detected by the trust model and does not affect VANET transactions. Similar to Li et al. [65], Lu et al. [73] also presented a blockchain-based system for VANET to preserve privacy. In this case, the authors leveraged a reputation model to find out the trustworthiness of broadcasted messages from direct historical interactions and indirect opinions about the sender. Furthermore, a reward and punishment mechanism was generated to adjust actions in real time such as honest or broadcasting forged messages. In this sense, multiple factors such as the level of alert messages, the relative density of vehicles, and the sequence of the senders had an impact on trust evaluations. Finally, like the results of Li et al. [65], Lu et al. [73] were able to deal with on-off attacks reducing the current trust score to 0 in only five rounds.

With the expansion of 5G networks, the figure of interconnections between devices, users, and organizations has grown exponentially. Along with it, an increment of resource providers and SPs has been required to cover essential activities such as on-demand computing capabilities, network and storage resources, and on-premises private cloud services, among others, guaranteeing a minimum QoS and QoE. In this respect, reputation-based trust models allow deeming the most reliable cloud for business transactions and sharing feedback with other consumers to detect feasible spiteful clouds. Thus, Table 4 synthesizes the most recent approaches as well as the principal characteristics of each one.

Yang et al. [132] presented a multi-granularity framework to deal with trustworthy cloud service selection. Consequently, their framework discovered similarities between a matrix of attributes based on the cloud model theory and user preferences based on QoS. Given the diversity of services that a cloud may provide, three types of attributes (exact, interval, and language values) were categorized. Besides, a two-level fuzzy comprehensive evaluation method was designed to facilitate users’ decision-making and rank cloud services. By means of simulated experiments, the framework coped with the ambiguity and randomness of trust levels simultaneously and reduced subjective factors. In the same direction, Fortino et al. [37] leveraged a reputation-based trust model to deduce reliable partners groups. In addition to reputation, reliability and helpfulness, both linked to recommendations, were also considered. By means of partners groups, a network split into several graphs was built where the greater distance between a requester and a recommender, the less important. Besides, CoTAG (a distributed CoT agent grouping) algorithm was designed for discovering the best group to join with and assessing a new membership via a voting mechanism. With respect to outputs, CoTAG showed a very fast convergence, with five steps to achieve a 0.8 MAMT (mean average mutual trust). However, Mrabet et al. [81] proposed a Chain Augmented Naïve Bayes-based Trust Model (CAN-TM). Such a proposal elected tangibles, those assessed at any time, and intangibles, those assessed from continuous observation, trust attributes related to SLA properties and inferred their correlation with nodes’ relationships. Moreover, CAN-TM employed the n-gram Markov model together with the Naïve Bayes model so as to predict the likelihood attribute distribution. They also considered the user’s satisfaction being set to satisfied when the positive evaluation percent was greater than 50 or dissatisfied when it was 50 or less. Compared to NB-TM (the Naïve Bayes trust model) and CF-TM (the collaborative filtering trust model), CAN-TM got a maximum F1-score gap of 0.119 and 0.184 with respect to them, respectively.

Similarly, Khilar et al. [60] also worked on the lack of trust in the cloud environment. Yet the authors not only focused on determining users’ trust before accessing the cloud but also on resources’ trust in the available resource catalog. With respect to the user’s trust, feasible misbehavior activities and SLA parameters from different time windows were gathered. Regarding SLA parameters, the user’s satisfaction should be underlined as the total number of successful tasks. However, resources’ trust was calculated from their reputation and opinions given to other services. To check the proper performance, multiple classification algorithms were considered, with the best kNN (k-nearest neighbors) with 0.94 of precision, recall, and F1-score. Also dealing with trust establishments in the cloud environment, Mehraj and Banday [76] proposed a zero trust model capable of fulfilling the cloud’s dynamism. In this regard, the zero trust model looked at essential fundaments such as end user authentication, authorization, and access control. Additionally, the authors declared micro-networks and micro-perimeters in which critical data can be deployed on a protected surface. Even though this approach was only theoretical, Mehraj and Banday [76] discussed key properties and features that their zero trust model should take into account, such as context-dependence, reward and punishment mechanisms, continuous monitoring, and trust establishments in real time. By following the direction, Alshammari et al. [7] presented a trust-based model to circumvent conventional attacks such as the Sybil, on-off, and collusion ones. In particular, the authors were able to distinguish and remove invalid feedback from consumers, and in consequence, they guaranteed a fair balance of consumers’ trust and owner feedback. To determine trust levels, data owners, roles, and task entities were taken into account. Then, a trust decision engine gathered historical data from a central repository to assess consumers’ trustworthiness and make a decision. The authors carried out multiple experiments to properly withstand the preceding reputation attacks through a dynamic threshold based on the frequency of recommender feedback and adding penalties to equations.

Over the past decades, 3G and 4G networks have been exposed to a colossal increment traffic demand since both consumers and organizations exponentially require network connectivity for internal and external communications, sales and hiring customer services, and resource sharing. In this context, software-defined networking, along with NFV, is a fundamental technology to satisfy these brand new needs. Hence, this section recaps solutions (Table 5) whose objective is to enhance SDN architecture security capabilities, through trust-based models, to ensure reliable network communication and enclose its potential surface attack.

In 2020, Zhao et al. [143] developed TrustBlock, a double-layer blockchain used to evaluate SDN network nodes’ trust. The first layer recorded the node’s behavior data, and the second one determined the principal block election task to perform the trust evaluation. When it comes to trust, the authors understood it as a triplet <A,L,V>, where A denotes trust evaluation attributes, L a fuzzy set of trust evaluation degree, and V a trust evaluation vector. In this proposal, blockchain covered key characteristics such as performing node authentication and filtering misbehavior recommendations via the Proof of Work algorithm. Finally, experiments showcased that TrustBlock was able to detect periodic and collusion attacks, reaching 98.8% detection and 98% accuracy rates. Gong et al. [42] presented an intelligent trust model for prognosticating hybrid DDoS in the SDN data plane. In particular, this approach utilized network monitoring parameters, bandwidth, and feedback from other OpenFlow switches to assess the trust of OpenFlow switches. In terms of computation, an ELM (extreme learning machine) facilitated the classification of DDoS attacks from network monitoring values, as well as updating trust value in real time. The results showed that their approach was able to achieve higher detection accuracy with a lower FPR. In particular, they got a 96% accuracy rate. Also covering SDN security threats, Yao and Yan [135] proposed a trust management framework to detect bad-natured SDN applications from analyzing their network performance. Especially, the framework delineated the application trust scores and elected what SDN application should be picked to manage network traffic. Thus, the trust management framework was formed by two components: a network performance monitor, which kept track of flow rule performance emitted by each SDN application, and a trust evaluation component to forecast trust scores. Besides, the Rayleigh cumulative distribution function was used to mold the decay time impact. In terms of experiments, the framework only expended around 17 ms to evaluate and distribute a trust score.

In the same line, Aliyu et al. [6] also worked on a trust management framework to guarantee a secure connection between the control layer and network applications. In this case, the authors illustrated trust in conjunction with authentication and authorization mechanisms. Regarding trust, it was supported by the controller belief, disbelief, uncertainty, and base rate on network application. So as to compute trust scores, the SLR (Subjective Logic Reasoning) algorithm, mostly employed on belief-based trust models, was selected. With respect to performance, experiments revealed a slow overhead (~12–14 ms) in the SDN controller with 100 switches and a slight throughput drop (0.06%). Aiming at the security threats in cross-domain scenarios, Zhao et al. [144] designed a cooperative filtering method to elect mobile cross-sensing nodes (MCS-CF) from the similarity of a historical task allocation. Thus, nodes’ reputation emerged as a combination of location, credibility, and sensing condition. Concerning credibility, this approach linked it to the task completion and its requirements, diminishing with the time decay. Similarly, the distance between the task completion and the current moment was another reputation attenuation factor. As for the accuracy, the MCS-CF algorithm got a 1.4% root mean square error and a 1.1% mean absolute error. Finally, Podili and Kataoka [93] built TRAQR(Trust-Aware E2E QoS Routing), a framework to provision in multi-domain SDNs). In particular, TRAQR introduced innumerable key aspects such as the use of a blockchain to store QoS capabilities and recommendation trust scores, an identity manager to authenticate the identities participating, the registration of trust scores in the Smart Contracts, or the quantifying trust based on Bayesian systems. In terms of experiments, the TRAQR algorithm consumed 34 ms to find an end-to-end QoS path and it was resilient to impersonal, Sybil, ballot stuffing, and bad-mouthing attacks.

NFV brings an innovative paradigm for large-scale network managing and provisioning as an alternative to traditional network and security services. Besides, NFVs support the reduction of network maintenance and upgrade costs. Nevertheless, they also entail significant challenges in the field of security as a larger threat landscape in comparison to hardware-based networks. Thus, this section reviews some of the latest research that proposed trust models as a mechanism to monitor and determine the trustworthiness of NFVs architectures (Table 6).

Yan et al. [131] designed a theoretical framework capable of tackling several 5G trust challenges in the context of virtualized networking. First, a root trusted module was considered as a hardware-based solution to ensure critical network functions. Second, a reputation management component was also contemplated to dynamically monitor local performance, assess the VNF’s trust before being deployed in a specific context, and allow NFVIs to collaborate along with the network. The authors also covered trust at runtime via the NFVI capabilities. In particular, the NFVI was responsible for monitoring and guaranteeing the QoS of VNFs running under its control. Similarly, De Benedictis and Lioy [27] proposed a stand-alone trust monitoring approach to cope with the broad threat landscape of NFVs. Especially, the trust monitoring carried out the assessment of NFVI’s trust through a shared audit database that stored information such as historical data, past attestations, and white-list databases, among others. It should be outlined that the integrity of the attestation process was covered by a hardware-based mechanism. Concerning the outputs, 35 VNFs were run at the same time, maintaining a stable RAM consumption (50 MB) and increasing a 2% CPU utilization and the latency until 9000 ms because of the attestation signature and the white-list databases comparisons. In the case of Torkzaban et al. [115], they built a trust-aware Service Function Chain (SFC) for network service deployment and the fulfillment of security requirements. A Linear Programming (LP) approach was followed to formulate an objective function based on placement, trust, flow, capacity, and domain constraints as a link-based MILP induced a huge computational cost. Finally, the authors showcased the relevance of dynamic versus static trustworthiness. The former increased a 10% acceptance rate compared to the static deployment, and both generated a similar cumulative CPU (below 80% for approaches) and bandwidth revenue (MILP generated 10% more than LP).

One year later, Torkzaban and Baras [114] extended their previous work [115] to reduce the complexity of the prior model. In this vein, they leveraged a kPath-Based SFC Embedding Model (KPB-SCE) since the PB-TASCE did not scale well enough in scenarios with a large number of devices. To compare the performance of their previous research [115] with the KPB-SCE, the acceptance rate, CPU utilization, and bandwidth revenue were determined. Considering k = 12 as an ideal value, the experiments pointed out a 70% vs 74% acceptance rate, 95% vs ~93% CPU utilization, and ~10% vs 4% bandwidth revenue, respectively. Like Torkzaban et al. [115] and Torkzaban and Baras [114], Zhang et al. [142] analyzed the trust-aware service chain maximization problem in mobile edge clouds with VNF sharing. To dealt with it, an LP algorithm, based on a randomized rounding technique, was elected so as to evade scalability issues and set up a trust graph for a set of network switches. Such a graph was designed through QoS and users’ trust requirements. Then, each cloudlet forecast a trust level according to historical data from security incidents between the source and destination switches. The proposed algorithm procured the highest system throughput, approximately 180-ms average delay, and (\(\sim\)95 MHz) resource usage. Last, Fan et al. [34] also researched software-based SFC. Unlike previous proposals [114, 142], the authors considered SFC credibility as a novel technique. Especially, a VNF forwarding graph together with a hierarchical Credibility-Based Deployment Strategy (CBDS) was employed to select the most trustworthy resources. It should be pointed out that credibility evaluation, in the VNF paradigm, is composed of authenticity, availability, and reliability. In addition, the credibility evaluation method adopted sliding windows and trigger mechanisms to be dynamic. With respect to the experiments, the CBDS’s credibility obtained higher values than the minimum deployment costs (18%), TOPS (24%), and random deployment strategy (19%). However, whether or not there is a huge number of deployed SFCs, it was gradually decreased as the CPU was full. Besides, the CBDS had a similar deployment cost until instantiating 30 SFCs and the highest acceptance rate, 90% for 0.75 credibility value.

A high trustworthiness configuration of the MANO functionality is primordial for resource providers and SPs to assure quick, dynamic, and reliable on-demand deployments. In this sense, trust approaches may be contemplated as a firm solution to cover the aforementioned characteristics without huge cost and computational increase. To support such an idea, this section describes multiple approaches based on MANO scenarios where different trust solutions were applied, as well as recapping them in Table 7.

With regard to the NFV-MANO architectures, Soenen et al. [107] proposed a reliable mechanism in charge of monitoring the availability and fault recovery in the data plane and quantifying trade-offs between the level of reliability and the correlated bandwidth and computational power costs. Thus, a cost function was formulated to discover a feasible solution that met the operator’s requirements and costs. To guarantee high availability, state preservation mechanisms were employed to avoid a restart from the beginning whether or not a fault happened and decrease added time ratio. The experiments showcased a 1.4-second vs 1.15-second recovery ratio (\(R_r\)) and 1.21-second vs 1.09-second added time ratio (\(R_a\)) respectively for centralized and distributed cases of nine tasks (optimal one). Xiang et al. [129] proposed a framework called NTaaS (Network Trustworthiness as a Service), to allow identifying and alerting misbehavior or uncooperative devices and recommending neighbor devices to optimize the network. The trust evaluation heeded the trustworthiness of the nodes (previous behaviors and capabilities to complete tasks) and the network topology (potential threats identification). Then, they designed their own trust evaluation method as the sum of each metric by its weight factor, ranging from 0 and 1. Finally, the authors carried out simulated experiments to measure the successful forwarding ratio via the DTEGR (Dynamic Trust Elective Geo Routing) algorithm, highlighting a 0.055% packet lost rate for the most reliable domain. Also dealing with orchestration, El-Kassabi et al. [32] leveraged trust as a degradation signal to reconfigure, migrate, and scale resources with the aim of ensuring workflow QoS. The trust scores were linked to a single resource as well as a composed one, both based on an objective reputation, via previous experiences, and on a subjective reputation via a global monitoring node from third-party recommendations. Such trust scores were automatically triggered before deploying resources and during their runtime at different time intervals. After that, the MADM (Multi-Attribute Decision-Making) algorithm was selected to compute a trust score for each task and map a proper resource. In terms of performance, the proposed model encompassed a slightly imperceptible overhead (25 KB) and a drastic CPU decrease (around 50%) after the migration phase triggered by non-compliance QoS requirements.

Suriano et al. [110] worked on a novel orchestrator capable of attesting trust and security requirements for a set of VNFs deployed across multiple boundaries. This approach attempted to fill the gap of electing trustworthy VNFs based on the reliability of service requirements (memory, computational, and network capabilities) and VNFs hash bootcode verified by the Trusted Platform Module. After that, a user triggered an attestation procedure to create a service chain composed of reliable VNFs, and then the trust assessor endorsed the final decision from the results of the integrity validation. Finally, it should be noted the proposed orchestrator was accommodated to the ETSI-NFV framework, but it was a theoretical approach. Similarly to Soenen et al. [107], Fu et al. [38] also discussed the lack of trust on NFV-MANO systems. In particular, a multi-objective optimization problem was presented to determine node selections from the blockchain, the mobile edge cloud server, and the NFV-MANO architecture. Thus, a dynamic trust model was built to predict a trust score for blockchain nodes and NFV-MANO systems, using the finite Markov property to model the transaction probability from one state to the next one. Since the authors agreed to use blockchain throughput as a measure to define the performance, the experiments highlighted that the trust model, together with a resource allocation model, entailed a better performance and a higher number of accepted blockchain transactions (35% improvement for 15 NFV-MANOs). Last, Pérez Palma et al. [91] proposed a TRM (trust and reputation manager) to continuously audit the 5G entities through a set of security measures declared on the Manufacturer Usage Description (MUD) files. Especially, the TRM gathered historical and live data as well as a variety of assurance elements (identity, non-repudiation, attestation, etc.) from the attestation of VMs, security policies and SLAs, or remote verifiers. In this proposal, the authors leveraged a fuzzy logic to compute reputation scores being carried out the trust computation inside Smart Contracts that were published in a blockchain. Hence, the scores ensured non-repudiation and auditability. Nonetheless, they are still under the design and implementation phases, so their assumptions were not subsequently contrasted.

5G RANs are designed to provide flexible use of frequency bands and offer the highest performance to a wide range of applications and scenarios, such as dynamic spectrum allocation [19]. Nonetheless, such novelties also introduce multiple security challenges such as feasible spectrum sensing data falsification, mistrust toward Base Stations (BSs), absence of confidentiality, integrity, or availability, among others. Thus, this section recaps how trust and reputation models may be employed to deal with some of the security issues discussed previously. Table 8 summarizes the principal characteristic of each solution.

With respect to SSDF (spectrum sensing data falsification), Bai et al. [11] presented a beta reputation-based mechanism to cope with SSDF attacks. In this case, the dynamic mechanism leveraged the historical behaviors of Cognitive Users (CUs), through a time proportion coefficient, to predict a reputation value as well as the rise and fall factors. Thus, the rewards and punishments were measured as the set of the user’s trust values in the \(k\) sensing round and the numbers of non-stop honest and dishonest reports, respectively. This approach also introduced a satisfaction mechanism to allow users to update a reputation value in accordance with the perceived result. With 50% malicious users over the total, it maintained a lower false alarm (0.0095) and misdetection (0.0087) probabilities. In the manner of Bai et al. [11], Ling et al. [70] utilized behavior-based trust models as a mechanism to single- and multi-agent reinforcement learning attacks (SARL, MARL) in Cognitive Radio (CR) scenarios. Considering the trust model, it was defined following a Q-value approach in which cluster heads discovered reliable nodes to be included in the cluster for performing particular actions depending on the Q-value required (from 0.0 to 1.0). As well, a reinforcement learning approach was also contemplated to enhance the cluster size adjustment schemes after excluding spiteful users. After such actions, their trust scores were increased or diminished with respect to their behaviors. The experiments displayed an 18% improvement cluster scalability size, when the Q-value was set to 0.9, compared to the non-SARL and traditional (SARL). Rathee et al. [97] also coped with conventional CR network attacks. Hence, a trustworthy and secure routing and handoff framework was designed. First, the authors settled different pre-established thresholds that had to be overcome by CUs to access an idle band and transmit data. Second, a trust analyzer gathered prior history connections for CUs and their neighbors to verify the reliability of transmitting nodes. Then, the trust analyzer carried out a cold-start using the Social Impact Theory Optimizer and elected the most reliable path and nodes to forward the data. In terms of accuracy, the framework got a 97% TPR and 99% TRN with 100 malicious nodes.

Reus-Muns et al. [98] designed a radio frequency fingerprinting, using an eight-layer CNN (convolutional neural network) to continuously audit the raw IQ signals from a BS. The trust quantifying of a BS was linked to a softmax activation function, which in turn took as inputs information from previous layers. Then, the softmax values classified the BS with one of the pre-defined classes (no trust, partial trust, or trusted) by means of a probability distribution function. In addition, the Adam optimizer was chosen to set the decay of time to \(1e^{-4}\). The experiments outlined a 92.97% and 99.86% detection accuracy for 512 and 5,120 IQ samples. Along the lines of Bai et al. [11], Hu et al. [46] presented a dynamic trust model centered on a beta distribution. In this case, observational statistics were deemed as the main trust information sources, together with weighting coefficients. Like Bai et al. [11], Hu et al. [46] also formulated an equation to reward or punish a user’s trust level and its credibility from consistency between the registered history and the current decision result. In the end, a ROC (receiver operating characteristic) from 0.92 to 0.94 was achieved under different malicious users, and at the same time, they covered a wide variety of properties and features. Finally, Kumar et al. [64] helped CR networks identify misbehaving nodes that reported incorrect sensing results about the presence or absence of licensed users. To deal with it, the authors presented a trust-aware model capable of assessing unlicensed users from their past behaviors and filtering them from the final decision. Besides, awards and punishments were leveraged after each interaction as well as the forgetting factor, which applied different forgets based on miss detection error. When it comes to performance, the experiments showcased how the trust-aware model was able to diminish the total utility loss from 3.4 (without trust) to 0.5 with a 100% attack rate and adapt to the context when Denial of Service attacks occurred.

To bring the literature review to an end, Figure 4 shows the distribution of the analyzed solutions regarding the main properties and features per asset. By and large, dynamism, context-dependence, and quantification are the most considered properties across 5G and B5G assets. This is mostly due to the on-demand service/resource provisioning that such enablers may enable in their application scenarios. Nonetheless, properties such as identity are present in all enablers, although not in the same proportion as those mentioned previously. We believe that such property is gaining more bearing in recent years, and it could take advantage of novel technologies such as the Decentralized Identifiers [108] to be fully integrated. Concerning the features, the direct and indirect trust together with the weighting are the three key pillars to establish trustworthy relationships in all 5G and B5G assets. However, others, such as satisfaction, privacy-preserving, or reward and punishment, are under-represented and, from our point of view, may ameliorate trust models through retroactive feedback, improve data security, and stabilize the level of trust based on subsequent actions, respectively.

Bearing in mind the present review of the state of the art, this section gathers essential characteristics to be considered by future reputation-based trust model approaches.

Once a thorough review of the state of the art has been conducted, the following items represent the principal challenges that future 5G and B5G trust solutions should bear in mind to ameliorate the current ones.