State-of-the-art IoV trust management a meta-synthesis systematic literature review (SLR)

Key terms

Following key terms and search queries are searched in different repositories. The key search terms are driven by research questions using PRISMA guidelines.

• IoV

• VANET

• ITS

• Vehicular network

• Trust evaluation

• Trust management

• V2V communication

• MANET

• “VANET” or “IoV” or “ITS” and “trust management” or “trust evaluation”

• “VANET” or “IoV” and “trust management” and “V2V communication”

• “MANET” and “trust management” or “evaluation” and “context awareness”

• “IoV” and “trust management” and “V2V communication”

• “Internet of vehicles” and “trust evaluation” and “V2V communication”

• “Context aware” and “VANET” and “trust management” or “trust evaluation”

2. Second phase

Because of the large number of articles that were retrieved in first phase, the second step involved tool-based filtering. Filtering by using the citation tool allowed us to identify duplicate studies from different sources and versions. At the end of this phase, we had a collection of 120 articles from different repositories.

3. Third phase

In this phase, the focus was “abstracts” other than the entire metadata. By considering the abstract of each paper, irrelevant data could be removed, 73 papers were excluded by this process which resulted in 47 articles remaining in our collection.

4. Fourth phase

Finally, all the remaining papers were read in detail. This process led to the exclusion of papers that did not meet the selection criteria or standard or were beyond the scope of our work. During this phase 16 articles were excluded, finally, 31 research articles were selected to conduct the study. The SLR selection process is illustrated in Fig. 3.

Approach by TMs

The core approaches adapted by TM models are listed in Table 7, in which models that have certain key approaches in common are combined. By analyzing the data provided in Table 7, it is easy to identify the most and least commonly adapted approaches and the most common aspects of different models. The commonly employed approaches were extracted from Table 7 and are plotted in Fig. 5 for easy understandability. The bar graph in Fig. 5 highlights the top ten parameters used in different studies. Experience is the topmost property adapted by most of the TM models, followed by neighbor opinion and vehicles with special roles.

The core techniques, methodologies, and related components used by each TM model are summarized in Table 8. As discussed in “Introduction”, TM models can be categories as: data centric, entity centric, and hybrid. Previously, researchers mostly focused on data centric TMs, after which they realized that node properties are an important part of any TM, resulting in the proposal of many entity centric models. Hybrid models are a combination of both of these techniques. Other than these three categories, certain other characteristics play an important role in TM, as discussed in this section. The aim of the discussion is to clarify the concepts behind different techniques that are expected to lay the foundation for unification during the standardization process. Furthermore, the discussion highlights certain aspects warranting further research.

1. Data centric TM models

These models are based on data (message) for trust evaluation. A data centric model (Chen et al., 2010), with the aim of improving the scalability using trust, was proposed. The authors evaluated the trust by using an opinion-based approach to identify malicious nodes by evaluating the trust. In addition, they used a cluster and role-based approach with the majority opinion being one of the key elements of this approach.

A few similar models (Minhas et al., 2010b; Raya & Hubaux, 2007), in which a neighboring vehicle provides its opinion on the trustworthiness of events, were presented. The trust is computed on the basis of the highest vote. A drawback of these models is that messages can only be communicated among specified nodes in one group. These models can be used for distributed attacks using “neighbor node opinion.” A second drawback of these models is that opinion calculation methods are not clearly defined.

Other researchers (Shaikh & Alzahrani, 2014) presented a decentralized TM system for VANETs. The scheme is based on different values calculated for the location and time to evaluate the trust. Their model seems effective in certain situations, but has limitations. Based on similarity, another TM model (Yang, 2013) used the similarity between a node and the data to evaluate the trust level. Although a unique method of similarity was introduced, the technique was not validated. The trust was calculated based on direct and indirect experiences. The experimental details were not discussed, although the model seems to belong to the research field theoretically.

A model based on vehicle behavior and a Markov chain (Gazdar et al., 2012) was presented. The Markovian state transition was used to allocate and evaluate the trust of a node. In this model, all the vehicles act as monitors within their related perimeter. The model is distributed and maintains the record of trust locally. In another study (Wu, Ma & Zhang, 2011). the researchers proposed an RSU-based data centric TM model. An earlier data centric TM model (Raya et al., 2008) considers role-based desperation, where nodes related to governmental organizations hold more trust credibility. In contrast, the model also considers the node trust level. Bayesian inference and the Dempster-Shafer theory are used to handle uncertainty.

The data centric approach is used by earlier TMs, which lack the use of information associated with the node (entity). Entity centric and hybrid models have better capabilities than data centric models. It can be concluded from the above discussion that, even though the data centric approach is less effective, yet this approach is important for TM. It can play a key role in a hybrid TM system (Yao et al., 2017).

2. Entity centric TM models

These models are based on building trust against vehicle (entity). In a recently presented entity centric TM model (Soleymani et al., 2017) the level of trust is assessed by fuzzy logic, using experience and probability. Authentication is based on the local ID and the location of the sender also plays a major role in the model. Another entity centric distributed TM model (Haddadou, Rachedi & Ghamri-Doudane, 2014) is based on the allocation of credit to the nodes used for TM. The model identifies the malicious node and motivates selfish nodes by awarding credits if they participate. The node is initially assigned a credit value, which increases or decreases over the time period.

A trust protocol based on a time frame (Ya, Shihui & Bin, 2015) is presented with the aim of identifying malicious vehicles in the network. The trust value of a node is determined by the feedback from the neighboring nodes. A hybrid TM model that considered location privacy (Chen & Wei, 2013) was presented. The presented technique is based on beaconing, where the movement of nodes plays an important role. A combination of direct and indirect trust was used in this model to evaluate the trust, which was validated using Dempster-Shafer evidence. An ant colony-based cluster TM model was proposed (Sahoo et al., 2012). Clusters were formed by using different parameters such as direction and speed. The head of a cluster was selected based on a higher trust level. Trust was based on neighbor opinion.

A model based on prior experience, neighbor-suggestions, and CA was used to build node trust (Mármol & Pérez, 2012), which was achieved by using the reward and punishment method. The trust was determined in a fuzzy fashion to facilitate assessment by the system. Other entity centric models (Cui et al., 2019; Li et al., 2013) used a mix of CA and cryptography. The primary problem with these models is that, once the vehicle has been authenticated, it cannot act maliciously. A decentralized agent-based TM model (Minhas et al., 2010a) using role, experience, and opinion, was presented. Another TM model (Biswas, Misic & Misic, 2011) was based on node-ID and local authentication by the public key, where digital signatures play a key role in this model for node identification. The assumption that “an authenticated node is trustable” is not realistic in VANETs. A scheme to ensure trust during communication in a VANET was proposed (Li et al., 2012). They set the “trust” as the reputation score of any node in the network. A message from highly reputed vehicles is considered trusted. However, experience is involved in building a reputation. Another unique aspect of their work is the feedback against the reporting vehicle.

An entity centered framework for trust evaluation without a centralized system was proposed (Gazdar, Belghith & Abutair, 2018). The framework focuses on immediate knowledge between adjacent cars. Their system is also effective for fake message detection. The solution is based on the self-organization of nodes in a network rather than depending on centralized authorities. The trust level of a vehicle is evaluated using different parameters. Neighboring vehicles play an important role in trust measurement. Based on the discussion and analysis of entity centered techniques, it is firmly established that these models are the core of any TM model. Without considering the entity, the performance of TM models is compromised. On the other hand, simply relying on the entity for trust evaluation is also not the ultimate solution.

By discussion and analysis of entity centric techniques, it is firmly established that these models are the core of any TM models. Without considering entity the performance of TM models is compromised. On the other hand, relying just on the entity for trust evaluation is also not the ultimate solution.

3. Hybrid TM models

Most of the recent models are hybrid models, combining data and evaluate the legitimacy of the received message. A proposed hybrid trust approach (Yao et al., 2017) for VANETs is based on the assignment of classified weights to different entities of the system. The model applies experience and utility theory, and the authors assumed certain attributes and the pre-assignment of weight. A renowned group (Wei, Yu & Boukerche, 2014) applied a hybrid approach, based on a combination of Bayesian rules to find the trust and Dempster-Shafer theory for handling uncertainty. The approach is based on direct and indirect trust to calculate the overall trust. A hybrid framework for TM, based on neighbor nodes, was presented (Ahmed, Al-Rubeaai & Tepe, 2017). The model divides trust into three categories: events, nodes, and recommendations. Based on consistency and similarity, the trust for a certain event is calculated and updated. The presence of legitimate events and nodes in the system is an assumption. In a long-term trust relationship model (Biswas, Sanzgiri & Upadhyaya, 2016) the main trust evaluation body is the RSU supported by CA at the top. The model assumes that all the vehicles in the networks are registered with the CA and maintain a certain level of trust.

A trust evaluation study based on cluster and intrusion detection is presented to deal with different attacks (Sedjelmaci & Senouci, 2015). The trust level is evaluated using majority voting by neighbor nodes. The model is subdivided into three: local, cluster head, and RSU. Trust is managed by the cluster head. The node is categorized in the list of trusted, suspicious, and attackers. Rawat et al. (2015) worked on a combination of two different approaches, probabilistic and deterministic. The probability of a malicious node is calculated using Bayesian. The deterministic part calculates the trust message by calculating distances using signal strength, arrival time, and location. By most reliable nodes among adjacent cars (Abdelaziz, Lagraa & Lakas, 2014), a new idea of filtering is used as a forwarding process. The implementation of the system avoids engaging in a network with cars recognized as likely dishonest users. A trust list is maintained locally by every vehicle, which is based on node interaction. Node velocity is used to determine the neighbors. The last message received serves as an integral part in evaluating trust since piggybacking is used.

In a cluster-based trust framework, misbehaving vehicles are sorted by assessing their speed variation (Wahab, Otrok & Mourad, 2014). The system is based on a reward scheme for motivation. To counter the trust and untrusted nodes, the Dempster–Shafer module is set in place as a watchdog. The cluster head plays the main role in their model. The model seems very complicated and unrealistic in real situations. In a study (Li et al., 2013) based on a centralized TM, all the nodes monitor neighboring nodes and forward their opinion to the centralized system. The central system finally calculates the trust value based on new and previous data. RSU also plays an important role in this system.

In a study (Zhang, Chen & Cohen, 2013) researchers worked on a peer opinion based TM model, and peers after receiving a message provided their opinion and forwarded the message. The model combines many sub-modules, such as propagation, trust evaluation, and peer-to-peer trust modules. Finally, trust is monitored and managed by a CA. An RSU-managed TM model, using role and experience, was presented (Monir, Abdel-Hamid & El Aziz, 2013) and is unlike other models that associate the driver ID with trust evaluation. The trust level of a vehicle increases with time in terms of experience. A penalty for malicious nodes is also part of the system, which reduces the trust level of the node in the future.

Overall, hybrid models have more adaptability and dynamicity. As vehicular networks require dynamic solutions, it is essential to design a TM model in a hybrid manner. The hybrid models allow multiple dimensions and the properties of both data and nodes to be used for trust evaluation.

RQ2. To what extent are the proposed models effective?

In this section, we discuss the critical aspects of a TM model with respect to existing models. The purpose of the discussion is to facilitate the establishment of the effectiveness of the current models.

Assumptions made by TM models

Most models made certain assumptions about their TM processes that create inflexibility. In a dynamic environment, assumptions decrease the importance of the proposed solution. For instance, assumptions made by Chen et al. (2010) and Raya et al. (2008), that special-vehicles are present in every situation, are unrealistic. Another assumption made by Sedjelmaci & Senouci (2015), “RSU is always available” which is practically unfeasible. Likewise, Abdelaziz, Lagraa & Lakas (2014) assume that all nodes are moving with the same velocity, which does not match the nature of the network. So much so, every model has some assumptions that make it hard to implement in real-time. The assumptions made by the TM models are listed in Table 9. However, assumptions regarding the implementation process prove to be a major hurdle. During a real traffic event, assuming the presence of special vehicles, RSU availability, pre-assigned trust, and many others can create serious problems while evaluating the trust. During a random event and network scenario, a TM model must not assume any variable to be completely implementable.

Centralized or decentralized vehicular network

There has always been a divide on whether ad hoc networks should be centralized or decentralized. Certain models (Abdelaziz, Lagraa & Lakas, 2014; Gazdar et al., 2012; Haddadou, Rachedi & Ghamri-Doudane, 2014; Saini, Alelaiwi & Saddik, 2015; Shaikh & Alzahrani, 2014) considered decentralization as their approach, whereas others applied a centralized approach (Hussain et al., 2016; Li et al., 2012, 2013; Mármol & Pérez, 2012; Monir, Abdel-Hamid & El Aziz, 2013). In a recent study (Arif et al., 2019) the authors recommended centralized validation for TM. The main issue is the ultimate connectivity, which is difficult to achieve in these networks. In addition, for security, centralized data storage and management is essential. Although a practical solution would be to periodically synchronize trust data with a centralized management system, completely relying on centralized management is not the best practice. On the other hand, having a solely decentralized system causes a serious threat to the ad hoc networks.

Importance of authentication

The first step in any security system is authentication with a vehicular network. Here, the point of dispute is “If the authentication alone fulfills the security requirements.” A VANET is likely to experience a security breach after the legitimate approval of an authenticated node. In certain studies, authenticated users were assumed to always broadcast legitimate messages (Cui et al., 2019; Li et al., 2013; Mármol & Pérez, 2012). In a real situation, this may result in highly adverse security consequences, such as Sybil, DOS and DDOS, node-impersonation attacks and, message-tempering (Kerrache et al., 2016; Saini, Alelaiwi & Saddik, 2015; Sakiz & Sen, 2017). Furthermore, Sakiz & Sen (2017) explain in their work that how an already authenticated node can be compromised by an attacker for blackhole and wormhole attacks. An authenticated node can be used for session hijacking, explain Hasrouny et al. (2017).

Authentication must be dynamic and efficient in order to meet the requirements of IoT/IoV (Challa et al., 2020), for which researchers are working on lightweight authentication schemes (Vasudev et al., 2020). Wazid et al. (2020) proposed a lightweight authentication scheme for IoT sensor data. Another research work (Wazid et al., 2018) on lightweight user authentication for internet of drones for direct communication is proposed. Blockchains can be a useful tool to build lightweight authentication solutions (Jangirala, Das & Vasilakos, 2019). The result shows that lightweight authentication schemes are suitable and secure for dynamic networks. Even though authentication is an essential aspect of an ad hoc network, we cannot rely solely on authentication.

New node entering the network

A critical issue during TM that is not taken into consideration is the entry of new nodes into the network. The question “how to assign a new node with initial trust” remains unanswered. Certain studies (Abdelaziz, Lagraa & Lakas, 2014; Ahmad, Franqueira & Adnane, 2018) assigned a new node a trust value of 1 or 0.5, but the reason for this approach is not discussed in any of these papers. An intense study needs to be conducted to formalize the mechanism whereby a new node is introduced to a vehicular network.

Cluster approach to handle trust

A number of studies (Chen et al., 2010; Sahoo et al., 2012; Sedjelmaci & Senouci, 2015; Wahab, Otrok & Mourad, 2014) adopted a cluster approach for managing trust. It is observed in most of the studies that a cluster creates inflexibility in a network. A VANET has a dynamically changing topology (Xu et al., 2020), and inflexibility can cause the network to malfunction. Nonetheless, this does not decrease the importance of clustering in certain scenarios. In conclusion, the cluster approach can be used in TM but in limited scenarios. Cluster management needs to be defined and standardized to be used successfully. Cluster head selection has also been discussed in certain studies.

Role-based approaches

The presence of special vehicles (vehicles from governmental organizations such as ambulances, police vehicles, or fire engines) in the network requires a role-based approach (Ahmad, Franqueira & Adnane, 2018; Alagar & Wan, 2015; Haddadou, Rachedi & Ghamri-Doudane, 2014; Monir, Abdel-Hamid & El Aziz, 2013; Zhang, Chen & Cohen, 2013). Role-based nodes are considered trustworthy in these models and are assigned a higher trust level than other nodes. The question that remains unanswered is the approach to follow when special vehicles are present in every event. Practically, it is not possible to have special vehicles everywhere; eventually, the subtraction of role-based vehicles from the network at any time would affect the performance of the TM model. Role-based nodes and their use have been the topic of many studies, and this approach might be useful in certain situations.

RSU-based approaches

In the early phases of VANET research, RSUs became an essential part of the VANET architecture (Behravesh & Butler, 2016). Models (Alagar & Wan, 2015; Biswas, Misic & Misic, 2011; Biswas, Sanzgiri & Upadhyaya, 2016; Li et al., 2013; Monir, Abdel-Hamid & El Aziz, 2013; Sedjelmaci & Senouci, 2015; Wu, Ma & Zhang, 2011) that used the RSU as the main authority for TM were proposed. A “trust value” was assigned to an RSU depending on its location and coverage (Biswas, Sanzgiri & Upadhyaya, 2016). Another RSU-based study (Alagar & Wan, 2015) presented a trust scheme using role-based vehicles. Further, they considered an RSU as a monitoring and managing node that also has a trust value, and the overall network was controlled by the CA. A TM model involving RSU-based scheme (Wu, Ma & Zhang, 2011) was proposed, in which an RSU receiving environmental change reports by all vehicles after receiving reports from the RSU is responsible for deciding whether any message is real or false. The feedback process serves to confirm the trustworthiness. However, relying on an RSU is not a practical approach, as RSUs are stationary nodes and RSU availability cannot be assured across the entire network (Chi et al., 2013; Haydari & Yilmaz, 2018). Despite all of these facts, the RSU continues to remain the main component of the VANET architecture and can be used wisely in certain situations or as a supporting node.

Fuzzy logic in TM

Fuzzy logic is a very useful tool and is used in many AI solutions. Two research groups (Mármol & Pérez, 2012; Soleymani et al., 2017) used fuzzy logic in their work to evaluate trust. According to the first group (Soleymani et al., 2017) reason for using fuzzy logic is the uncertainty within VANETs. Their results show that fuzzy logic can be used positively in trust evaluation. In a review study (Sumithra & Vadivel, 2018) authors elaborated on the potential need for a fuzzy logic method for the TM model in VANETs. The study found coherence between VANET and fuzzy based solutions. The authors further mentioned that fuzzy approaches lack robustness and verity adoption, however, fuzzy methods seem to be a good solution if they are used in TM. The only disadvantage of fuzzy based TMs is the time consumed during the process of computing the trust because a vehicular network cannot afford time delays.

Uncertainty handling while evaluating trust

A point of uncertainty always exists during trust evaluation (Yao et al., 2017). The majority of models are unable to discuss the uncertainty in their solutions. A TM model without the ability to handle uncertainty is considered an incomplete solution. Models that considered uncertainty while evaluating trust (Chen & Wei, 2013; Haddadou, Rachedi & Ghamri-Doudane, 2014; Monir, Abdel-Hamid & El Aziz, 2013; Wahab, Otrok & Mourad, 2014; Wei, Yu & Boukerche, 2014; Ya, Shihui & Bin, 2015), processed the uncertainty by using probability approaches such as Bayesian, the Dempster Shafer theory, and Markov processes. Researchers designing a TM model need to prioritize uncertainty handling.

Use social media

Social media could form a new addition to TM in IoV networks. TM in social vehicular networks was discussed on the basis of email and social media-based trust (Hussain et al., 2016). The model relies on CA to manage trust. The idea of considering social media was presented at a conference and seemed interesting, but is quite exposed to social media threats. Here it is important to note that the trust is associated with the user rather than the node. Driver-based trust faces the problem of disassociation, which might lead to miscalculation of the trust value. However, social media is an essential part of next-generation design (Zia, Shafi & Farooq, 2020).

RQ3 Is context awareness suitable for the development of trust in the vehicle network?

Context awareness

Vehicular networks are the most complex wireless networks and thus require flexibility in all aspects. Context awareness is an AI method that can be used to introduce flexibility to any system; contextual awareness is the ability to assess and adapt the environment (Ramos, Augusto & Shapiro, 2008). Very few studies in this field have been reported, and a few studies have partly considered the context in vehicular networks (Ahmad, Franqueira & Adnane, 2018; Alagar & Wan, 2015; Rostamzadeh et al., 2015). Our efforts to find the true essence of context awareness in these studies were unsuccessful. However, in related fields, such as distributed, ubiquitous, and mobile ad hoc networks, several studies related to context awareness have been reported.

A study of IoT architecture for smart cities (Gaur et al., 2015) used context awareness for scenario building. Their work focuses on the representation of knowledge of the smart city architecture through contextual awareness, which has become a necessity for ubiquitous systems (Taconet & Kazi-Aoul, 2010). Another study on interoperability in ubiquitous systems (Strang & Linnhoff-Popien, 2003) applied context awareness with positive results. A study on VANET/ITS (Al-Sultan, Al-Bayatti & Zedan, 2013) used context awareness to assess driver behavior. The outcome of the study was that context awareness has significant potential in relation to vehicular networks. The importance of context awareness in MANETs (Moloney & Weber, 2005) elaborated on the importance of context implementation in a system that is equipped with sensors. Moreover, the study suggested that any systems with sensor objects that can make good use of context awareness would be beneficial to vehicular networks while using node-to-node communication. Node-to-node context applications in MANETs were investigated (Wibisono, Zaslavsky & Ling, 2010) for the purpose of context building in MANETs. Context-aware systems are able to adapt to changes and increase the usability of any system and the efficacy thereof was discussed (Maneechai & Kamolphiwong, 2014) in relation to distributed systems. In a futuristic study on different aspects of vehicular network security (Wan et al., 2014), the use of context awareness in such systems is strongly recommended, especially with respect to security and safety. Context awareness for automatic TM is an important field of research (Yan, Zhang & Vasilakos, 2014).

A survey study (Yürür et al., 2016) on context awareness for the future of mobile systems, determined that a context-aware system has the ability to sense its environment. Furthermore, by using context the network increases its security, quality, and credibility. Their work concludes by highlighting the use of context for mobile-based systems. Furthermore, IoT architecture must be intelligent, and for that, context awareness is an effective method (Sarkar et al., 2014). The forthcoming networks are intelligent networks, for which context awareness is the key method to be adopted (Bilen & Canberk, 2015). A study on ambient computing (Babu & Sivakumar, 2014) discussed the ability of context awareness to enable adaptation for ubiquitous systems. Further, the researchers pointed out that a system that assesses the situation and acts accordingly must be equipped with context awareness. The challenge is to design context-based security middleware for a heterogeneous system. An earlier study determined that context awareness has special characteristics that support intelligent vehicle systems (Sørensen et al., 2004), but little work has been carried out in this direction. Further, they discuss the context that can be useful in V2V communication for intelligent vehicles.

Context awareness is a necessity for upcoming ad hoc networks, especially VANETs (Aguilar, Jerez & Rodríguez, 2018). Their work on context modeling has significant potential in wireless networks. Further, they indicated that the application of context to ad hoc networks may be advantageous. Context awareness was employed to enhance the security of wireless networks (Lin, Yan & Fu, 2019). This study was based on heterogeneous networks to show the implications of context awareness. Their positive results showed that applying context awareness to security increased the adaptivity.

In a VANET context-aware study for detecting misbehaving nodes (Chi et al., 2013), the authors applied context using neighboring nodes and used mobility information to construct the context. Their work yielded positive results that were the outcome of context awareness. A context knowledge representation scheme was presented (Ruta et al., 2018). Their work shows the implications of context in wireless networks, especially IoT-related technologies and VANETs, which strongly support our research question. In a recent study, context was employed to design a safety system in VANETs (Shen et al., 2016). The concept is for vehicles to share the road environment while driving safely. Routing can be improved by context awareness in wireless networks, especially in the IoT (Dhumane et al., 2018). A context-based VANET privacy model (Emara, Woerndl & Schlichter, 2015) that implemented contextual privacy successfully improved location tracing. The work was evaluated against the quality of service and found to be satisfactory even after the application of context awareness.

Based on the above discussion and relevant studies, it is established that context awareness has the potential to be applied to vehicular networks for TM. Nonetheless, the term context could be interpreted to have a general meaning and many related challenges would need to be overcome. As the context has already been considered for MANETs, it could be used as the foundation for VANET/IoV as well. A comparative overview is presented in Table 10 based on a published report (Sharma & Kaushik, 2019).