Trust Management in Cloud Computing: A Critical Review

Cloud computing has been attracting the attention of several researchers both in the academia and the industry as it provides many opportunities for organizations by offering a range of computing services. For cloud computing to become widely adopted by both the enterprises and individuals, several issues have to be solved. A key issue that needs special attention is security of clouds, and trust management is an important component of cloud security. In this paper, the authors look at what trust is and how trust has been applied in distributed computing. Trust models proposed for various distributed system has then been summarized. The trust management systems proposed for cloud computing have been investigated with special emphasis on their capability, applicability in practical heterogonous cloud environment and implementabilty. Finally, the proposed models/systems have been compared with each other based on a selected set of cloud computing parameters in a table.

💡 Research Summary

The paper provides a comprehensive review of trust management in cloud computing, positioning trust as a pivotal component of cloud security. It begins by outlining the rapid adoption of cloud services—Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)—and emphasizes that the lack of reliable trust relationships between providers and consumers hampers broader acceptance. The authors then trace the concept of trust across several disciplines (psychology, sociology, economics) and distill common attributes: trust emerges under uncertainty and risk, it guides decision‑making, it is built from prior experience, it is subjective, evolves over time, is context‑dependent, and multi‑faceted. They further adopt McKnight and Chervany’s taxonomy of sixteen trust characteristics grouped into competence, predictability, benevolence, integrity, and other factors.

To structure the diverse literature, the authors propose a four‑dimensional classification of trust functions: (1) subjective versus objective, (2) transaction‑based versus opinion‑based, (3) complete versus localized information, and (4) rank‑based versus threshold‑based. Using this framework, they survey twelve representative trust models originally designed for peer‑to‑peer (P2P), grid, or social network environments:

1. CuboidTrust – a three‑dimensional cube that aggregates contribution, feedback quality, and resource quality, computing global trust via power iteration.
2. EigenTrust – assigns a unique global trust value to each peer based on upload history, using local satisfaction/dissatisfaction scores and power iteration.
3. Bayesian Network‑Based Trust Management (BNBTM) – employs multidimensional Bayesian networks with beta distributions to model interaction outcomes.
4. GroupRep – a hierarchical, group‑centric model that defines trust among groups, between groups and peers, and among peers, using the minimum trust along the most trustworthy path.
5. AntRep – a swarm‑intelligence approach where each node maintains a reputation table analogous to a distance‑vector routing table; forward and backward ants propagate reputation values.
6. Semantic‑Web Trust Model – multiplies edge ratings along all paths between two agents, weighting shorter paths more heavily, and incorporates a reliability factor for indirect recommendations.
7. Global Trust – recursively combines local trust values from neighbors with their global trust to derive a node’s global trust.
8. PeerTrust – integrates transaction‑based feedback, transaction volume, feedback credibility, and adaptive context factors (transaction and community) into a composite trust metric.
9. PATROL‑F – combines direct experience, reputation, node credibility, decay over time, first impressions, and hierarchical relationships using fuzzy logic to handle uncertainty.
10. Trust Evolution – distinguishes direct trust (derived from recent interactions) and recommendation trust (derived from peers’ recommendations), normalizing both to the