A Service Recommendation Model in Cloud Environment Based on Trusted Graph-Based Collaborative Filtering Recommender System

Abstract

Cloud computing has increasingly adopted multi-tenant infrastructures to enhance cost efficiency and resource utilization by enabling the shared use of computational resources. However, this shared model introduces several security and privacy concerns, including unauthorized access, data redundancy, and susceptibility to malicious activities. In such environments, the effectiveness of cloud-based recommendation systems largely depends on the trustworthiness of participating nodes. Traditional collaborative filtering techniques often suffer from limitations such as data sparsity and the cold-start problem, which significantly degrade rating prediction accuracy. To address these challenges, this study proposes a Trusted Graph-Based Collaborative Filtering Recommender System (TGBCF). The model integrates graph-based trust relationships with collaborative filtering to construct a trust-aware user network capable of generating reliable service recommendations. Each node’s reliability is quantitatively assessed using a trust metric, thereby improving both the accuracy and robustness of the recommendation process. Simulation results show that TGBCF achieves a rating prediction accuracy of 93%, outperforming the baseline collaborative filtering approach (82%). Moreover, the model reduces the influence of malicious nodes by 40–60%, demonstrating its applicability in dynamic and security-sensitive cloud service environments.

1. Introduction

Recommendation systems have become an integral part of daily decision-making, influencing choices such as selecting an academic institution, purchasing a vehicle, or choosing a travel destination. In the context of cloud computing, they play a pivotal role in enhancing the user experience by guiding service selection based on prior interactions and preferences. The concept of recommendation systems was first introduced in the 1990s by Tapestry, which used collaborative mechanisms to collect user feedback and suggest relevant services and products [1]. Since then, these systems have evolved significantly and are now core components of major e-commerce and content delivery platforms such as Amazon, Flipkart, Google, Netflix, and YouTube [2,3]. They support business strategies through personalized product suggestions and content delivery.

A persistent challenge in cloud service delivery is the selection of the most suitable service from a diverse and dynamic pool. Recommendation systems are now considered essential for identifying user needs and enhancing interactions between service users (SUs) and service providers (SPs) [4,5]. In cloud environments, each node may function as both a service provider and a service user. The decision to recommend or reject a cloud service is often influenced by feedback collected from neighboring nodes within the computing domain.

Over the years, various algorithmic approaches have been developed for recommendation tasks, including the following:

• Content-Based Filtering—Analyzes user preferences to recommend items similar to those previously selected.
• Collaborative Filtering—Identifies users with similar behavior patterns and recommends items based on shared interests.
• Hybrid Models—Combines content-based and collaborative filtering techniques to enhance accuracy and address individual limitations.
• Knowledge-Based Recommendation Systems (RS)—Relies on domain-specific knowledge and explicit user requirements.
• Graph-Based RS—Represents users and services as nodes in a graph, where edges denote interactions or recommendations; a random walk through the graph helps identify the most relevant service.

An overview of these recommendation schemes is illustrated in Figure 1.

In recent years, trust management systems have garnered significant attention for their potential to enhance recommendation systems, particularly in the context of cloud security. Trust-aware recommendation models are increasingly being explored as a means to ensure not only the reliability of recommended services but also protection against threats such as malicious feedback, reputation manipulation, and service-level attacks. Notably, even prominent e-commerce platforms such as Amazon and Flipkart have experienced data breaches, underscoring the urgent need for robust, trust-integrated recommendation mechanisms. Incorporating trust into recommendation frameworks is thus essential—not only to improve service reliability and user satisfaction but also to strengthen the credibility and resilience of cloud ecosystems. Effectively addressing these challenges can help bridge existing gaps in intrusion detection and enable secure, personalized, and scalable cloud service delivery [6,7,8,9].

1.1. Cloud Security

Given the multi-tenant nature of cloud systems, the attack surface is significantly expanded, increasing the risk of unauthorized access and malicious activity. Traditional access control models—such as those based on Access Control Lists (ACLs)—define user permissions according to predefined roles and attributes. However, these models are typically static and do not consider the dynamic trustworthiness of users and roles involved in service interactions. Security in cloud computing is generally categorized into hard and soft security mechanisms. Among hard security approaches, cryptographic techniques and access control policies remain the most widely adopted solutions for ensuring data confidentiality, integrity, and controlled access. In contrast, soft security mechanisms emphasize trust management and recommendation-based trust computation, providing adaptive, behavior-driven protection that complements hard security. Incorporating trust values into access control mechanisms is increasingly recognized as an effective means of enhancing the resilience and security of cloud computing environments, thereby safeguarding the integrity of data owners’ assets. Figure 2 illustrates the various security mechanisms employed in cloud systems.

Recent advancements [10,11,12,13] have aimed to enhance traditional Role-Based Access Control (RBAC) mechanisms by incorporating encryption techniques and trust-aware frameworks. For example, Saxena and Alam [10] utilized partial homomorphic encryption to enable secure role-based data access, while [11] extended this approach by integrating identity- and broadcast-based encryption to strengthen confidentiality. Additionally, ref. [12] suggested a trust-oriented RBAC model that dynamically assesses user trustworthiness to preserve data integrity during access requests. The framework introduced in [13] implemented a reinforced access control strategy to ensure reliable computing in cloud environments. While these approaches have significantly advanced the security and flexibility of access control systems, ongoing challenges include the dynamic adaptation of trust metrics, real-time scalability, and the integration of privacy-preserving techniques across heterogeneous and distributed cloud infrastructures.

1.1.1. Hard Security Mechanism—Cryptography and Access Control

Ensuring data security in public cloud environments has long been a concern, particularly because outsourced data is accessible to all service users within an organization. Implementing appropriate user-to-role mapping restrictions is essential for identifying malicious users and enforcing restricted access control. In such models, a service request is only forwarded if the requesting user_id holds a valid mapping in the ACL. The role or inheritance hierarchy governs access privileges (e.g., read, write) based on the permissions associated with each role and its subordinate levels. Once the key management policy is effectively enforced, only the authorized service users receive the decryption keys necessary to access requested data. Therefore, users must possess a legitimate and authenticated role within the organization to gain access to stored data.

However, for open and decentralized environments like the cloud, traditional hard security mechanisms—such as cryptography and RBAC—provide limited protection, mainly confined to access restriction and encryption. To enhance security beyond these boundaries, soft security mechanisms such as trust and recommendation systems must be integrated. These mechanisms help preserve the reputation of Trust Management Systems (TMS) and support the identification and recommendation of trustworthy cloud services.

1.1.2. Soft Security Mechanism—Trust

Trust is widely acknowledged as a fundamental soft security mechanism, particularly effective in assessing whether a service node is reliable or potentially malicious. Unlike hard security, trust is inherently subjective, shaped by the perceptions, sentiments, and experiences of individuals, stakeholders, and user communities. It reflects a belief or expectation about the behavior and dependability of an entity.

In cloud computing environments, SUs rely on SPs for secure resource allocation, user authentication, role assignments, and the detection of malicious nodes. Notably, trust is dynamic and time-sensitive, evolving through continued interactions and experiences. Recent years have seen an erosion of trust in cloud services due to escalating incidents of data breaches and targeted attacks, undermining user confidence and disrupting service continuity. Once users lose trust in a provider, future engagement—not only with the service but potentially with the broader business—is jeopardized.

Reputation can be viewed as the long-term accumulation of trust, built through consistent and positive interactions. Historical data, feedback, and previous recommendations are valuable indicators when evaluating a provider’s trustworthiness. Trust assessment generally encompasses multiple dimensions: defining trust parameters, trust propagation models, trust management, and quantification.

Trust computation can be classified into three key categories:

• Direct Trust (DIT): Based on a user’s personal transaction history with the service provider.
• Indirect Trust (IDT): Derived from feedback or recommendations by neighboring nodes.
• Weighted Trust (WT): Combines direct and indirect trust using assigned weight factors to deliver a comprehensive trust score.

An overview of trust analysis and classification across domains is illustrated in Figure 3.

In dynamic cloud environments, traditional access control mechanisms often fall short in addressing adaptive and evolving threats. In contrast, trust-based access control models offer a flexible and context-aware alternative, enhancing security through dynamic decision-making. Trust values in such systems can be derived from self-observation or recommendations from other entities, both of which contribute to the continuous adjustment of trust scores.

In trust-enhanced access control systems, the ACL maintains trust scores associated with service nodes, which influence the authentication and authorization processes. The authenticity and access privileges of a service node or user are therefore contingent upon its evaluated trust value.

Over time, trust has been effectively incorporated into RBAC frameworks [14,15,16,17,18,19,20,21,22]. In these models, resource owners assign access privileges to roles based not only on static permissions but also on established trust and reputation. Service users mapped to these roles are permitted to access resources only if their individual trust scores meet or exceed a predefined threshold. Moreover, fluctuations in a user’s trust score dynamically influence the reputation of the associated role, thereby triggering real-time updates to access permissions throughout the system.

1.1.3. Trusted Recommendations

Trust-based recommendation systems are essential for identifying user preferences and enhancing interactions between SUs and SPs in cloud environments [23,24]. Beyond service personalization, such systems play a pivotal role in computing trust, which can be harnessed as a form of soft security.

In distributed cloud architectures, services may be recommended or rejected based on feedback and ratings from neighboring nodes, influencing trust-based decision-making. Over time, various algorithmic techniques have been developed to improve the accuracy and relevance of recommendations. Recent advancements indicate that TMSs can complement these models to address growing security challenges in cloud environments.

By integrating trust into recommendation frameworks, systems can more effectively distinguish between reliable and potentially malicious services, thereby strengthening both service reliability and cloud security. While selecting a trustworthy cloud service remains a primary concern for users, accurately modeling user preferences and predicting future service needs is equally critical. Trust-aware recommendation systems thus represent a promising approach for enabling secure, personalized, and adaptive service selection in dynamic and distributed cloud infrastructures [25,26,27,28].

1.2. Novelty and Contributions

This work proposes a novel and enhanced approach—Trust Graph-Based Collaborative Filtering for cloud service recommendation. In this framework, both SUs and SPs are represented as nodes, and Pearson’s Correlation Coefficient is employed to compute similarity between these nodes.

TGBCF is a hybrid approach, combining collaborative filtering with graph-based techniques. The collaborative filtering component utilizes the service-user matrix to assess similarity and predict ratings, while the graph-based component constructs a trust network and facilitates trust propagation. The recommendations generated are subsequently used to derive indirect trust, which is then leveraged in the computation of weighted trust.

Given that trust serves as a soft security mechanism, the proposed model addresses reputation-based attacks and enhances the overall security and reliability of cloud computing systems. Furthermore, restricted access control is incorporated by identifying and mitigating the influence of untrusted rating values. To bridge the identified research gaps, the TGBCF model contributes the following:

• Refinement of Trust Values through recommendation-based security analysis to detect and isolate malicious entities.
• Compute Shortest Distance between the service users using cosine similarity, based on the angular proximity of users in a distributed environment.
• Inference of Trust and construction of a Trusted User Network Set (TUNS) to enable propagation of trust.
• Similarity Index (SI) computation between the SUs on the basis of the evaluated distance between them.
• Weighted Trust computation, by assigning weights with the evaluated parameters SI and Overall Aggregate Trust (OAT) values.
• Prediction of Trusted Ratings for cloud services by utilizing the SI values of users within the TUNS and the OAT, followed by updates to the service-user matrix (SUM).

The remainder of this paper is organized as follows: Section 2 presents a review of the literature on recommendation systems and trust-based models; Section 3 outlines the identified research gaps and motivation behind the TGBCF model; Section 4 describes the TGBCF framework in detail; Section 5 discusses the simulation setup, evaluation metrics, experimental results, and comparative analysis; Section 6 provides a formal analysis of the proposed work; Section 7 concludes the paper; Section 8 highlights future research directions.

2. Literature Review

Trust and reputation, though closely related, are conceptually distinct. Trust is typically established directly between two entities based on prior interactions or observations, whereas reputation is derived from aggregated feedback, ratings, or recommendations from a broader community. In cloud computing environments, an SP’s reputation is significantly influenced by feedback received from service users, SUs, over time. Reputation-based trust can thus be seen as a cumulative indicator of an SP’s reliability and service quality, informed by historical interactions and community evaluations [29,30,31].

In trust-based access control systems, a trust threshold is employed to determine user authorization. Entities with trust values falling below this threshold are removed from the ACL and added to a revocation list. This mechanism helps isolate potentially malicious users and maintain the integrity of the cloud environment [32]. To address cloud-specific security challenges, Trust and Reputation-Based Access Control (TRRBAC) models have been developed. For instance, the model proposed in [33] demonstrates improved resilience against various security threats when compared to traditional RBAC. However, such models often entail increased computational complexity, particularly when integrating penalty mechanisms for negative feedback.

Trust serves as a foundational element in ensuring security and privacy within cloud systems [34]. Several models have explored trust-policy integration to enhance system protection [35,36,37,38,39]. Among these, recommendation systems play a pivotal role in establishing reputation by leveraging user feedback and rating data. These systems span multiple categories, including Content-Based Filtering, Collaborative Filtering, Hybrid Recommender Systems, Knowledge-Based RS, and Graph-Based RS [40,41,42,43].

Despite their strengths, recommendation systems face inherent limitations, such as data sparsity—resulting from limited available ratings—and the cold-start problem, which arises when there is insufficient historical data for new users or services [44,45,46]. Nevertheless, trust computation via recommendation mechanisms has proven effective for identifying malicious nodes. A critical vulnerability arises when malicious nodes outnumber trusted ones, leading to threats such as Sybil attacks, collusion, Denial-of-Service (DoS) attacks, and on/off attacks. For example, in on/off attacks, adversaries act legitimately over time before introducing malicious behavior, thereby evading detection. In DoS attacks, malicious users exhaust system resources to disrupt service availability. Mapping user item ratings to trust values—and filtering those that fall below a trust threshold—is vital for mitigating such threats.

Identifying trustworthy services remains a key challenge for users in dynamic cloud environments. Over the years, diverse strategies for trust computation have been suggested, including data flow-based models, ACL interpretations, and cumulative trust models [12,47,48]. For example, ref. [47] demonstrates how stored service ratings can be effectively processed to derive trust values. Other studies have investigated the reliability of feedback-based ratings and their influence on trust accuracy [49,50,51,52]. Yet, trust remains a multi-dimensional construct, as service providers may exhibit inconsistent behavior across different contexts. Consequently, trusted recommendation systems are essential for accurately interpreting user needs, safeguarding interactions, and preserving the reputation of the TMS.

In recent years, various trust models have been developed to enhance secure access control in cloud environments [53,54,55,56,57,58]. However, the dynamic behavior of user roles in cloud computing necessitates adaptive mechanisms that allow for the revocation or reassignment of roles based on evolving trust metrics. Among the early contributions, Li and Du [59] introduced the “Cloud-Trust” model—an adaptive trust framework that enabled service users to select reliable service providers (SPs) based on dynamic trust assessments. Subsequently, Lin et al. [60] suggested an access control based on mutual trust, which considered both the behavior of service nodes and the trust placed in them by users. These approaches laid the groundwork for trust-aware access control, yet challenges persisted in scalability and resilience to attacks.

Building on the RBAC paradigm, researchers such as Hakim et al. [61], Uikey and Bhilare [62], and Zhou et al. [63] incorporated trust evaluations into role-based access decisions. Zhou et al. proposed two prominent trust models based on probabilistic theory—the Owner-Role mapped RBAC and the Role-User mapped RBAC—that enabled resource owners to evaluate the trustworthiness of roles and users. However, these models remained vulnerable to collusion and on/off attacks. In response, Uikey and Bhilare [62] introduced a trust-aware RBAC extension aimed at mitigating such threats, but it continued to be susceptible to Sybil attacks and coordinated manipulation.

To address performance concerns, Zhang et al. [64] focused on reducing the computational overhead of trust evaluation while improving the identification of malicious nodes. Additionally, Ghafoorian et al. [33] introduced the Comprehensive Trust and Reputation-Based Access Control model, which demonstrated improved resistance to security threats compared to traditional RBAC systems. However, the inclusion of a penalty mechanism for negative feedback increased computational complexity, and accurate detection of malicious behavior became more challenging as the network scaled.

Despite advancements, computational modeling of trust remains difficult due to its subjective and context-dependent nature. Trust evaluation mechanisms such as direct trust, indirect trust, and weighted trust—as explored in [12,33]—are often influenced by biased or fabricated feedback, leading to potentially inaccurate trust assessments. Although weighted trust integrates both direct interactions and external recommendations, there remains a need for an unbiased and integrated approach that generates reliable trust scores for service recommendation.

The increasing reliance on recommendation systems has also heightened the risk of malicious behavior in cloud environments. Common attacks include collusion—where a group of malicious nodes submits false feedback to manipulate reputation—and Sybil attacks, where fake identities are created to skew trust scores [65,66]. E-commerce platforms like Amazon and Flipkart have experienced such threats firsthand, underscoring the need for secure recommendation mechanisms.

Recent advancements in trust-based access control have explored social and contextual trust models to improve cloud security. Zarghami et al. [67] proposed a social trust-aware recommendation system (TAWRM) that used a t-index approach to quantify trust in social networks, highlighting the importance of contextual interactions in refining service recommendations. This approach introduced a novel perspective by incorporating social behavior into trust evaluation—an aspect often overlooked by traditional trust mechanisms.

In efforts to enhance collaborative filtering accuracy, Kim [68] introduced an improved similarity measure within the User-Based Collaborative Filtering (UBCF) framework. This addressed the sparsity issue by factoring in user contribution levels, thereby improving rating coverage and diversity. However, the model’s reliance on static similarity computations limited its adaptability to dynamic user behavior. Complementarily, Lebib et al. [69] presented a Social Trust Recommendation based on Probability Matrix Factorization (STRPMF) approach for cloud service recommendation. Their method incorporated social trust information to mitigate cold-start and sparsity issues but assumed static trust relationships and did not accommodate evolving trust dynamics or role-sensitive access control.

Further building on the RBAC framework, Zhou et al. [70] suggested a trust-aware RBAC model for secure cloud data storage by mapping trust values to roles. This dynamic approach enhanced the flexibility of RBAC in handling uncertain or changing user behavior. Alshammari et al. [71] extended this work by presenting a multicriteria trust evaluation model integrated with task-based RBAC. Their framework effectively balanced multiple trust dimensions—including feedback credibility, interaction history, and contextual awareness—to ensure reliable task–role mappings in cloud environments.

Collectively, these models reflect the state of the art in trust-enhanced access control and emphasize the need for multidimensional, adaptive trust evaluation mechanisms. Such mechanisms are essential to counter manipulation, improve access flexibility, and secure user interactions in decentralized cloud systems.

When integrated with the soft security mechanism of trust, recommendation systems can function as effective anomaly detection tools. They can identify deceptive user patterns, fake reviews, and malicious feedback loops. Trust-based recommendation systems not only guide service selection but also help prevent social engineering attacks (e.g., phishing) and cloud-specific threats, including DoS, collusion, and on/off attacks [72,73].

Table 1. Summarized literature synthesis for trust and recommendation systems in cloud.

Work	Contribution	Methodology	Identified Gaps
[29,30,31]	Introduced reputation as aggregated feedback for evaluating SPs in cloud environments.	Reputation scores derived from SU feedback and historical interactions.	Lacks dynamic trust updates and handling of feedback manipulation.
[32]	Integrated trust thresholds in access control to revoke low-trust entities.	Trust-based revocation list integrated with ACL.	May result in false positives; limited adaptability to dynamic trust.
[33]	Suggested TRRBAC model enhancing security compared to RBAC.	Combined trust and reputation feedback; penalty mechanism for negative behavior.	High computational cost; accuracy issues with scaling.
[34,35,36,37,38,39]	Explored trust-policy integration for secure cloud environments.	Defined policies integrated with trust values.	Limited by static trust assumptions; challenges with real-time adaptability.
[40,41,42,43]	Reviewed RS types used in trust construction (CBF, CF, Hybrid, etc.).	Survey of recommendation techniques across domains.	Cold-start and data sparsity remain unresolved.
[44,45,46]	Analyzed sparsity and cold-start in recommendation systems.	Identified key performance challenges.	No robust solution for dynamic user behavior or attack resistance.
[47]	Used stored ratings to compute trust values.	Cumulative trust modeling.	Subjective trust evaluation; lacks context sensitivity.
[49,50,51,52]	Addressed reliability issues in feedback-based ratings.	Analyzed effects of biased/inaccurate ratings.	Vulnerable to fabricated feedback and manipulation.
[53,54,55,56,57,58]	Surveyed trust models for secure cloud access.	Comparative study of multiple trust frameworks.	Lacks adaptive revocation/reassignment mechanisms.
[59]	Developed “Cloud-Trust” for adaptive SP selection.	Dynamic trust assessment based on service behavior.	Scalability and malicious behavior detection limited.
[60]	Introduced MTBAC considering mutual trust of users and nodes.	Mutual behavioral trust model.	Struggles with scalability and sophisticated attack types.
[61,62,63]	Incorporated trust into RBAC for refined access control.	Probabilistic trust scoring in RBAC structures.	Vulnerable to collusion, Sybil, and on/off attacks.
[64]	Improved malicious node detection and reduced trust computation cost.	Optimized trust algorithm for performance.	May trade off security accuracy for performance.
[65,66]	Discussed Sybil and collusion attacks in cloud platforms.	Attack modeling based on real-world platforms.	Absence of dynamic countermeasures.
[67]	Proposed Social Trust-Aware RS using t-index.	Contextual and social behavior modeling.	Ignores evolving trust and access control sensitivity.
[68]	Improved UBCF similarity with user contribution levels.	Contribution-based similarity in CF.	Static computation; lacks adaptability to behavior changes.
[69]	Trust-aware matrix factorization using social signals.	Matrix factorization incorporating social trust.	Assumes static trust; does not address access control.
[70]	Mapped trust to roles in RBAC for cloud data access.	Dynamic trust mapping in RBAC.	Limited flexibility in evolving behavior contexts.
[71]	High-reliability multicriteria trust with task-based RBAC.	Balanced trust evaluation (feedback, context, history).	Complexity in multidimensional trust balancing.
[72,73]	Identified role of trust-based RS in anomaly and attack detection.	Integration of RS with security analytics.	Need for unified, real-time trust model for detection and prevention.

presents a structured summary of key findings from the existing literature on trust and reputation mechanisms in cloud computing. It categorizes each work by its nature, contributions, methodology, and the gaps identified, offering a synthesized view of how trust-based models have evolved and the challenges that remain in this domain.

3. Identified Research Gaps and Motivation

With the exponential growth of cloud-based services and digital platforms, users increasingly rely on recommendation systems to discover relevant and trustworthy services. While traditional recommender models have achieved notable success in personalized content delivery, they often overlook critical security concerns, particularly in open and distributed environments like the cloud. This oversight makes such systems vulnerable to threats including Sybil attacks, collusion, and malicious feedback manipulation, which directly impact the reliability of service predictions.

The analysis of the recent literature highlights two key Research Gaps (RG):

• RG1: Lack of robust security evaluation frameworks capable of validating TMS based on user feedback, leading to an increased vulnerability to illicit access and network-level concerns such as Sybil, collusion, and DoS attacks.
• RG2: Absence of effective trust-aware recommendation models that can address core challenges such as data sparsity and cold-start problems, thereby compromising the accuracy of service predictions.

These gaps compromise both the predictive accuracy and the resilience of existing systems. Consequently, there is a pressing need for a unified model that not only enhances the relevance of recommendations but also integrates a trust management layer to defend against malicious behavior. To this end, there is a pressing need “To develop an enhanced recommendation system by integrating the soft security mechanism of trust, thereby enabling accurate and reliable service rating predictions, while simultaneously addressing security threats and improving the resilience of cloud service interactions.”

This research is driven by the findings of [67,68,69] to strengthen cloud service recommendation by integrating the soft security mechanism of trust with recommendation systems, thereby ensuring enhanced security, access control, and reliability in cloud service provisioning.

4. Proposed Work—TGBCF

This section presents a hybrid trust-based recommendation model that integrates Graph-Oriented Collaborative Filtering Recommender Systems to enhance the reliability of cloud service recommendations. The TGBCF model employs Pearson’s Correlation Coefficient parameter to evaluate similarity amongst the service nodes, utilizing a service-user interaction matrix to facilitate both rating prediction and similarity computation. A Trusted User Network Set is constructed by combining graph traversal techniques with user–service interaction data to identify reliable neighboring nodes. Security is reinforced through the integration of soft security mechanisms, which evaluate direct trust, indirect trust, and weighted trust derived from historical service interactions and user feedback. This multi-layered trust evaluation framework empowers the TGBCF model to effectively detect untrusted or manipulated ratings, enabling the isolation of potentially malicious nodes and enforcing restricted access control in a centralized cloud environment. Direct trust is computed based on the feedback from previous service transactions between service users and providers, ensuring a strong and transparent foundation for trust estimation. Each user–provider interaction is systematically recorded in the service-user matrix, enabling ongoing refinement of similarity scores and trust values for adaptive and secure service recommendations. The service interactions can be either positive or negative, represented by $\mathrm{p}\mathrm{f}$ or $\mathrm{n}\mathrm{f}$ respectively. The proposed work assumes that for each interaction, the number of positive and negative feedback increases by “1” as illustrated in Equations (1) and (2), respectively. Here, $\mathrm{p}\mathrm{f}\left(\mathrm{t}\right)$ and $\mathrm{n}\mathrm{f}\left(\mathrm{t}\right)$ are positive feedback and negative feedback at time (t), respectively.

$${\mathrm{p}\mathrm{f}}_{\left(\mathrm{t}\right)=}{\mathrm{p}\mathrm{f}}_{\left(\mathrm{t}-1\right)}+1$$

(1)

$${\mathrm{n}\mathrm{f}}_{\left(\mathrm{t}\right)=}{\mathrm{n}\mathrm{f}}_{\left(\mathrm{t}-1\right)}+1$$

(2)

The DIT is computed if a sufficient number of service interactions exist between the SU and the SP using the following equation:

$$\mathrm{D}\mathrm{I}\mathrm{T}={\displaystyle \frac{{\mathrm{p}\mathrm{f}}_{\left(\mathrm{t}\right)}}{{\mathrm{p}\mathrm{f}}_{\left(\mathrm{t}\right)}+{\mathrm{n}\mathrm{f}}_{\left(\mathrm{t}\right)}}}$$

(3)

This is recorded as the initiating rating value in the service-user matrix to compute the recommender trust or indirect trust and predicted unknown service rating values for a service request using the Trusted User Network Set and similarity value.

4.1. Working of the TGBCF Model

The system architecture of the TGBCF model incorporates a structured communication framework to ensure secure access control and trust management in a cloud environment. An architectural diagram of the proposed hybrid recommendation model is presented in Figure 4. The model integrates graph-based trust computation with collaborative filtering techniques to construct a Trusted User Network Set, compute similarity using Pearson’s Correlation Coefficient, and generate reliable service ratings by isolating malicious feedback through comprehensive trust evaluation.

The cloud administrator defines the role hierarchy, and the associated system parameters are uploaded to the cloud via Communication Channel 1. Since roles facilitate service user registration, the corresponding role parameters are transmitted to the cloud using Channel 2. To preserve data confidentiality against potentially untrusted cloud service providers, data owners upload encrypted data through Channel 3. When an SU initiates a data access request, it is routed via Channel 4 to the User Monitor Module, which verifies the request by matching the user’s attributes against administrator-defined parameters received through Channel 5. Access is provided if a legitimate match is discovered; if not, the request is rejected. The outcome of the request is communicated back to the User Monitor Module via Channel 6 and subsequently logged in the database through Channel 7. Although the role attributes are stored in the cloud (via Channel 2), their integrity must be continuously monitored. To address this, the Trust-Oriented Role-Based Access Control (TRBAC) model incorporates a Role Monitor Module responsible for assessing the ongoing trustworthiness of roles. If a role exhibits malicious behavior or receives negative feedback, the central repository is updated accordingly. Role updates are sent to the Role Monitor Module through Channel 8, which evaluates their trust integrity and relays updates to the cloud via Channel 9. At this point, the Cloud Service Provider (CSP) possesses the following:

• Role information via Channel 2;
• System parameters via Channel 1;
• Role updates via Channel 9.

The CSP then acknowledges the receipt to the Role Monitor Module via Channel 10, and the updated role details are stored in the database through Channel 11. For decision-making, the central repository forwards relevant user and role credentials to the Trust Engine using Channel 12. Based on the computed trust values, the engine determines suitable role assignments. If a role’s trust score falls below a predefined threshold, revocation instructions are communicated to the Role Repository and Data Owner via Channels 13 and 14, respectively. The Trust Decision Engine also disseminates updated trust values for service nodes (users or roles), which are used to update the service-user matrix for further recommendation computation. These trust scores—both direct and indirect—serve as inputs to the SUM and support accurate rating prediction via Channels 15, 16, and 17. Trusted network sets are constructed based on cosine similarity among service users, while indirect trust is computed using the shortest path distance between users within the cloud graph structure.

4.2. Algorithmic Simulation of TGBCF

The TGBCF model constructs a Trusted User Network Set for each service user based on the distance between the users within the computing environment. The underlying work assumes that the greater the distance between two users, the lower the degree of trust shared between them. Conversely, users positioned closer in the trust graph exhibit a higher level of trust. This relationship follows an inverse proportionality between trust and user distance, as formalized using a trusted six-degree segmentation scheme [74,75]. The trust value estimated through this distance-based evaluation is referred to as Inferred Trust (INT), as defined in Equation (4) below.

$${\mathrm{I}\mathrm{N}\mathrm{T}}_{{(\mathrm{u}}_{\mathrm{i}},{\mathrm{u}}_{\mathrm{j}})}={\displaystyle \frac{1}{{\mathrm{D}}_{{\mathrm{u}}_{\mathrm{i}},{\mathrm{u}}_{\mathrm{j}}}}}$$

(4)

where D is the distance between the service users $u_i,{ u}_j$ respectively. Further, the similarity between the two service users is computed using the cosine similarity function. Since $\cos 90°=0$, in order to build a Trusted User Network Set, the proposed work assumes a considerably lower Angle of Inclination (AI) of $80°$ to attain the trusted level of similarity index for security analysis. Hence, the assumed threshold (TH) to measure the AI between two users ${\mathrm{u}}_{\mathrm{i}},{\mathrm{u}}_{\mathrm{j}}$ in this work is $80°.$ If user ${\mathrm{u}}_{\mathrm{j}}$ is inclined at an angle ≤ $80°,$ it belongs to the trusted network set of user $u_i,$ else the request for inclusion the trust network is declined. Algorithm 1 below illustrates the methodology for TUNS construction.

Algorithm 1 Trusted User Network Construction

Input: SUM and AI between service users. Output: Trust user network set TUNS; 1. Initialize ${\mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}_{{\mathrm{u}}_{\mathrm{i}}}$ 2. for (any two users ${\mathrm{u}}_{\mathrm{i}}$ and ${\mathrm{u}}_{\mathrm{j}}$ in the SUM)   If (AI of ${\mathrm{u}}_{\mathrm{j}}$ < TH) then   ${\mathrm{u}}_{\mathrm{j}}$ ∈ TUNS of ${\mathrm{u}}_{\mathrm{i}}$ 3.  Add user (${\mathrm{u}}_{\mathrm{j}}$, TUNS) 4.  end if 5. end for 6. Return TUNS

Equation (5) below illustrates the trusted network set creation:

$${\mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}_{{\mathrm{u}}_{\mathrm{i}}}=\left\{{\mathrm{u}}_{\mathrm{j}}\left|\mathrm{A}\mathrm{I} {\mathrm{u}}_{\mathrm{j}}\right.<\mathrm{T}\mathrm{H},{\mathrm{u}}_{\mathrm{j}}\in \mathrm{S}\mathrm{U}\mathrm{M}\right\}$$

(5)

The Angle of Inclination is computed using the cosine similarity function with the help of the following equation:

$$\cos \mathsf{\theta }={\mathrm{s}\mathrm{i}\mathrm{m}}_{\mathrm{A}\mathrm{I}}({\mathrm{u}}_{\mathrm{i}},{\mathrm{u}}_{\mathrm{j}})={\displaystyle \frac{{\mathrm{u}}_{\mathrm{i}}·{\mathrm{u}}_{\mathrm{j}}}{‖{\mathrm{u}}_{\mathrm{i}}‖‖{\mathrm{u}}_{\mathrm{j}}‖}}$$

(6)

The TGBCF model utilizes Pearson’s Correlation Coefficient to evaluate the Similarity Index ${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}$ the value between the two service users ${\mathrm{u}}_{\mathrm{i}} \mathrm{and} {\mathrm{u}}_{\mathrm{j}}$ as shown in Equation (7) below:

$${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}={\displaystyle \frac{\sum _{(\mathrm{i}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}){\mathrm{s}}_{\mathrm{x}}}{(\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}}\left)\right({\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}})}{\sqrt{\sum _{(\mathrm{i}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}){\mathrm{s}}_{\mathrm{x}}}{{(\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}})}^2}·\sqrt{\sum _{(\mathrm{i}\in \mathrm{U}\mathrm{T}\mathrm{N}\mathrm{S}){\mathrm{s}}_{\mathrm{x}}}{{(\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}})}^2}}}$$

(7)

where $(\mathrm{i}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}){\mathrm{s}}_{\mathrm{x}}$ symbolizes the values of direct trust ratings for the cloud services provided by the SUs ${\mathrm{u}}_{\mathrm{i}}$ and ${\mathrm{u}}_{\mathrm{j}}.$ Further, ${\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i},{\mathrm{s}}_{\mathrm{x}}}}$ and ${\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},{\mathrm{s}}_{\mathrm{x}}}}$ are the direct trust ratings given by users ${\mathrm{u}}_{\mathrm{i}}$ and ${\mathrm{u}}_{\mathrm{j}}$ for a cloud service ${\mathrm{s}}_{\mathrm{x}}$ in the service-user matrix. Further, $\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}}$ and $\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}}$ are the average direct trust ratings for the cloud services provided by users ${\mathrm{u}}_{\mathrm{i}}$ and ${\mathrm{u}}_{\mathrm{j}}$ in the service-user matrix. The similarity range for service-user rating values is $[-1,1]$. However, this work assumes that if ${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}=0,$ no similarities exist between the set of service users; if ${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}<0,$ the relationship between users is not trustworthy; and if ${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}>0,$ a trust relationship exists between the service users. This work at present considers only those values for whom a trusted similarity index value exists. Hence, the users having ${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}\le 0$ are discarded by the trust management system. Once the similarities between the two SUs are computed, the TGBCF model evaluates the Overall Aggregate Trust (OAT). A service request made at a specific time is taken into account while calculating the Overall Aggregate Trust (OAT). The TMS includes only those service users in its evaluation who have previously rated the requested service within the SUM. The OAT between two service users ${\mathrm{u}}_{\mathrm{i}}$ and ${\mathrm{u}}_{\mathrm{j}}$ is computed using the following equation:

$${\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}= \mathrm{w}* {\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}+(1-\mathrm{w})* \mathrm{I}\mathrm{N}\mathrm{T}{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}$$

(8)

where $\mathrm{w}\in \left[0,1\right]$ is the weight corresponding to the similarity index and the evaluated inferred trust. The TGBCF model assumes a constant weight value of $\mathrm{w}=0.5$, to give equal weightage to trust similarity and Overall Aggregate Trust. The rating for a cloud service is predicted using the following equation.

$${\mathrm{P}\mathrm{R}}_{{\mathrm{u}}_{\mathrm{i},\mathrm{s}}}=\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}}+{\displaystyle \frac{{\sum }_{{\mathrm{u}}_{\mathrm{j}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}}{\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}·({\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},\mathrm{s}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}})}{{\sum }_{{\mathrm{u}}_{\mathrm{j}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}}\left|{\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}\right|}}$$

(9)

where ${PR}_{u_{i,s}}$ depicts the predicted rating for a cloud service s by a service user $u_{i }$. For every new initiated service request, the service-user matrix is analyzed to check if the requested service is trusted by the majority of active service users in the SUM. The proposed work validates the DIT ratings using the assumed trust threshold using Equations (1)–(3) [33,63].

If a majority of service users have rated the requested service with a trust value in compliance with the assumed threshold, the service is considered trusted, else the service rating is predicted using Equations (1)–(9) [74,75,76,77,78]. The algorithmic procedure for rating prediction utilized in the TGBCF model is illustrated below in Algorithm 2.

Algorithm 2 TGBCF

Input: SUM, ${\mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}_{{\mathrm{u}}_{\mathrm{i}}}$, SI, OAT Output: Predicted Rating 1. for each unpredicted rating (new service request) in the SUM by user ${\mathrm{u}}_{\mathrm{j}}$ in the ${\mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}_{{\mathrm{u}}_{\mathrm{i}}}$ a. If (majority ratings for service s $\ge$ trust threshold) go to step 2 b. else the request is denied. 2. Calculate SI and OAT between users ${\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}$ using Equations (7) and (8). 3. End if. 4. End for. 5. Predict Rating prediction ${\mathrm{P}\mathrm{R}}_{{\mathrm{u}}_{\mathrm{i},\mathrm{s}}}$ for a service s using Equation (9) 6. Output Predicted Rating.

Computational Complexity Analysis of TGBCF

This section presents the computational complexity analysis of the TGBCF model. To assess the complexity of TGBCF with respect to time, three modules are considered: Similarity Index, Inferred Trust, and the Overall Aggregate Trust.

The primary input for this analysis is the SUM, structured as a vector of size N × R, where N denotes the total number of nodes and R is the total number of service ratings in the environment. In the TGBCF model, both the SUs as well as SPs are considered as nodes. To compute similarity index, the model requires two inputs: the TUNS for a node and the rating values in the SUM. Given R service rating entries across N nodes, the time complexity for identifying similar nodes for a single user is O (N.R). Consequently, determining similar users for all nodes results in a complexity of O (N².R). The SI and the AI (calculated using cosine similarity) serve as the foundational elements for inferred trust computation. Since AI represents both the alignment and the proximity between users, the trust inference step operates with a linear complexity of O(N) for each node. TGBCF associates a weight attribute with the computed SI and INT values to generate the OAT as depicted in Equation (8). The OAT is evaluated as the weighted sum of SI and INT; thus, the overall computational time complexity will be evaluated as O(N)(INT + SI), i.e., O (N.R) + O (N².R) = O (N².R). Moreover, for each selected node, N, a predicted rating is computed that generates a complexity of O (N.R) and since the service_request function nests the predicted_rating function, the overall time complexity of the TGBCF model is O (N².R).

4.3. Comprehensive Analysis for Data Quality and Reliability

The algorithmic simulation illustration in Algorithms 1 and 2 in Section 4.2 acts as a pre-processing phase for the un-rated service ratings in the service-user matrix. Hence, this strengthens a low-density Recommender System that consists of an insufficient number of identical ratings. Further, to authenticate the efficacy of the TGBCF model, an extensive inferred trust scheme is utilized that quantifies the dataset on the basis of the following metrics: (a) a trusted network set for a service user; (b) imilarity Index between service users; (c) trust threshold; and (d) an Overall Aggregate Trust. Further, a step-by-step illustration of the pre-processing phase to eliminate the outdated and unreliable data entities is explained below.

Step-by-Step Working of the TGBCF

This sub-section demonstrates the workings of the proposed work. We suppose there are seven users in the service-user matrix with the user set $\mathrm{U}\mathrm{S}=\{{\mathrm{u}}_1$, ${\mathrm{u}}_2$, ${\mathrm{u}}_3$, ${\mathrm{u}}_4$, ${\mathrm{u}}_5$, ${\mathrm{u}}_6{,\mathrm{u}}_7$} and six cloud services in the service set $\mathrm{S}\mathrm{S}=${${\mathrm{s}}_1$, ${\mathrm{s}}_2$, ${\mathrm{s}}_3$, ${\mathrm{s}}_4$, ${\mathrm{s}}_5$, ${\mathrm{s}}_6$} as illustrated in

Table 2. Service-user matrix.

Service User Matrix	${\mathit{s}}_1$	${\mathit{s}}_2$	${\mathit{s}}_3$	${\mathit{s}}_4$	${\mathit{s}}_5$	${\mathit{s}}_6$
$u_1$	0.52	0.75		??
$u_2$		0.76		0.63
$u_3$	0.69
$u_{4 }$	0.73		0.72		0.79
$u_5$			0.61			0.77
$u_6$		0.69		0.75
$u_7$						0.53

.

In order to predict the ratings for a cloud service that meets our model’s threshold requirements, the following actions must be taken.

(i)

User $u_1$ initiates a request for service $s_4$. However, since only two ratings are available for this service in the user request-service database matrix from users $u_2$ and $u_6$, only these two service ratings are considered for further computation.

(ii)

Evaluate the similarity index by identifying the angle at which user $u_1$ is inclined with other service users. The angle $\theta$ is computed using Equation (6) as follows:

a.

${\mathrm{u}}_1-{\mathrm{u}}_1:0°$//since user ${\mathrm{u}}_1$ is itself computing the distance.

b.

${\mathrm{u}}_1-{\mathrm{u}}_2:\cos \mathsf{\theta }=\left\{\left[\left(0.52\ast 0\right)+\left(0.75\ast 0.76\right)+\left(0\ast 0.63\right)\right]\right\}/(\sqrt{{\left(0.52\right)}^2+{\left(0.75\right)}^2)}\ast \sqrt{{\left(\right(0.76)}^2+{\left(0.63\right)}^2)}=0.6327$

$$\mathrm{H}\mathrm{e}\mathrm{n}\mathrm{c}\mathrm{e},\mathsf{\theta }={\cos }^{-1}\left(0.6327\right)=51°$$

c.

Likewise, all the other angles of inclination of $u_1$ with respect to $u_3$,$u_4$,${ u}_5$,$u_{6 }$, and ${ u}_7$ are computed and the following values are obtained:

• ${\mathrm{u}}_1-{\mathrm{u}}_3$: $55.27°$
• ${\mathrm{u}}_1-{\mathrm{u}}_4$: $71.26°$
• ${\mathrm{u}}_1-{\mathrm{u}}_5$: $90°$
• ${\mathrm{u}}_1-{\mathrm{u}}_6$: $56.19°$
• ${\mathrm{u}}_1-{\mathrm{u}}_7$: $90°$

Service users $u_5$ and $u_7$ are discarded at once, since both are inclined at an angle of $90°$ with $u_1$ (since $\cos 90°=0$). The SUs are then arranged in an increasing order based on the computed inclination angles. Further, continuous values are assigned to the SUs representing their distance with user $u_1$, as illustrated in

Table 3. Inferred trust evaluation.

Users	Angle of Inclination of Other Users with ${\mathit{u}}_1$	Distance (D)	Inferred Trust $\mathbf{I}\mathbf{N}\mathbf{T}({\mathbf{u}}_{\mathbf{i},}{\mathbf{u}}_{\mathbf{j}})=\frac{1}{{\mathbf{D}}_{{(\mathbf{u}}_{\mathbf{i}},{\mathbf{u}}_{\mathbf{j}})}}$
${\mathrm{u}}_1$	$0°$	0	1
${\mathrm{u}}_2$	$51°$	1	1
${\mathrm{u}}_3$	$55.27°$	2	0.5
${\mathrm{u}}_6$	$56.19°$	3	0.33
${\mathrm{u}}_4$	$71.26°$	4	0.25

.

Hence, the $\mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}$ for ${\mathrm{u}}_1=\{{\mathrm{u}}_1$,${\mathrm{u}}_2$,${\mathrm{u}}_3$,${\mathrm{u}}_4$, and ${\mathrm{u}}_6$}

$${\mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}_{{\mathrm{u}}_{\mathrm{i}}}=\left\{{\mathrm{u}}_{\mathrm{j}}\left|\mathrm{A}\mathrm{I} {\mathrm{u}}_{\mathrm{j}}\right.<\mathsf{\alpha },{\mathrm{u}}_{\mathrm{j}}\in \mathrm{S}\mathrm{U}\mathrm{M}\right\}$$

SI is evaluated using Equation $\left(7\right)$ as:

$${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}={\displaystyle \frac{\sum _{(\mathrm{i}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}){\mathrm{u}}_{\mathrm{i}}{\mathrm{u}}_{\mathrm{j}}}{(\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}}\left)\right({\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}})}{\sqrt{\sum _{(\mathrm{i}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}){\mathrm{u}}_{\mathrm{i}}{\mathrm{u}}_{\mathrm{j}}}{{(\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}})}^2}·\sqrt{\sum _{(\mathrm{i}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}){\mathrm{u}}_{\mathrm{i}}{\mathrm{u}}_{\mathrm{j}}}{{(\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},{\mathrm{s}}_{\mathrm{x}}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}})}^2}}}$$

Hence,

$${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{1,}{\mathrm{u}}_2}={\displaystyle \frac{\left((0.52-0.635\right)\left(0-0.695\right)+\left(0.75-0.635\right)\left(0.76-0.695\right)+\left(0-0.635\right)\left(0.63-0.695\right)}{\sqrt{\left(0.43\right)}\ast \sqrt{\left(0.49\right)}}}=0.282$$

$${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{1,}{\mathrm{u}}_{6=}}{\displaystyle \frac{\left(0.52-0.635\right)\left(0-0.72\right)+\left(0.75-0.635\right)\left(0.69-0.72\right)+\left(0-0.635\right)\left(0.75-0.72\right)}{\sqrt{\left(0.429\right)}\ast \sqrt{\left(0.52\right)}}}=0.134$$

So, the $\mathrm{O}\mathrm{A}\mathrm{T}$ between ${\mathrm{u}}_1-{\mathrm{u}}_2$ and ${\mathrm{u}}_1-{\mathrm{u}}_6$ is computed as:

$$\begin{array}{ll}{\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{1,}{\mathrm{u}}_2}= \mathrm{w}* {\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{1,}{\mathrm{u}}_2}+& (1-\mathrm{w})* \mathrm{I}\mathrm{N}\mathrm{T}{\mathrm{u}}_{1,}{\mathrm{u}}_2\\ & =0.5\ast \left(0.282\right)+0.5\left(1\right)=0.595=0.641\end{array}$$

Also,

$$\begin{array}{ll}{\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{1,}{\mathrm{u}}_6}=\mathrm{w}* {\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{1,}{\mathrm{u}}_6}+& (1-\mathrm{w})* \mathrm{I}\mathrm{N}\mathrm{T}{\mathrm{u}}_{1,}{\mathrm{u}}_6\\ & =0.5\ast \left(0.134\right)+0.5\left(0.33\right)=0.232\end{array}$$

TGBCF takes a user–service matrix as input as depicted in Table 2. For all those services who have received recommendations from majority service users, the rating can be predicted as depicted above. If user ${\mathrm{u}}_1$ issues a request to access cloud service ${\mathrm{s}}_4$, then all the users who have rated ${\mathrm{s}}_4$ will be analyzed. Since only two ratings are available for service ${\mathrm{s}}_4$ from users ${\mathrm{u}}_2$ and ${\mathrm{u}}_6$ (based on the dataset of the SUM), ${\mathrm{u}}_1{\mathrm{s}}_4$ initiates the rating prediction algorithm considering users ${\mathrm{u}}_2 \mathrm{and} {\mathrm{u}}_6$ as the candidate participants for conducting rating prediction. It is significant to mention that in order to compute the predicted rating, the ${\mathrm{S}\mathrm{I}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}$ and ${\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}$ values are computed as per Equations (7) and (8), respectively, between users $({\mathrm{u}}_1-{\mathrm{u}}_2)$ and ${(\mathrm{u}}_1-{\mathrm{u}}_6)$, since only users ${\mathrm{u}}_2$ and ${\mathrm{u}}_6$ have rated service ${\mathrm{s}}_4$ already; finally, the prediction is calculated using Equation (9):

$${\mathrm{P}\mathrm{R}}_{{\mathrm{u}}_{\mathrm{i},\mathrm{s}}}=\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}}}+{\displaystyle \frac{{\sum }_{{\mathrm{u}}_{\mathrm{j}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}}{\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}·({\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j},\mathrm{s}}}-\overline{{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}}})}{{\sum }_{{\mathrm{u}}_{\mathrm{j}\in \mathrm{T}\mathrm{U}\mathrm{N}\mathrm{S}}}\left|{\mathrm{O}\mathrm{A}\mathrm{T}}_{{\mathrm{u}}_{\mathrm{i},}{\mathrm{u}}_{\mathrm{j}}}\right|}}$$

Hence, ${\mathrm{P}\mathrm{R}}_{{\mathrm{u}}_{1,{\mathrm{s}}_4}}=0.635+\left[{\displaystyle \frac{\left\{\left(0.641\ast (0.63-0.695)+0.232\ast (0.75-0.72)\right)\right\}}{0.641+0.232}}\right]=0.60$

Hence, the updated SUM is depicted in

Table 4. Updated service-user matrix.

Service User Matrix	${\mathit{s}}_1$	${\mathit{s}}_2$	${\mathit{s}}_3$	${\mathit{s}}_4$	${\mathit{s}}_5$	${\mathit{s}}_6$
${\mathrm{u}}_1$	0.52	0.75		0.60
${\mathrm{u}}_2$		0.76		0.63
${\mathrm{u}}_3$	0.69
${\mathrm{u}}_4$	0.73		0.72		0.79
${\mathrm{u}}_5$			0.61			0.77
${\mathrm{u}}_6$		0.69		0.75
${\mathrm{u}}_7$						0.53

as below:

The TGBCF model adopts a structured methodology comprising model design, trust prediction, and decision evaluation. A modular trust management and access control framework is developed, integrating components such as the User Monitor, Roles Monitor, Central Repository, and Trust Decision Engine. These modules collaboratively analyze service usage and user roles to compute trust scores. A custom dataset was constructed to reflect realistic service usage scenarios, incorporating user roles, service ratings, and historical access behaviors. The Graph-Based Collaborative Filtering approach is applied in alignment with the construction of the TUNS to predict trust values by identifying similar users based on roles and rating patterns. These predicted values are then used to recommend or restrict services based on a dynamic threshold. The model’s performance is evaluated in terms of trust prediction accuracy, decision consistency, and role-aware access precision. This methodology ensures that trust-aware service recommendations remain both adaptive and context-sensitive. A step-by-step working process of the TGBCF model is depicted in Figure 5.

5. Simulation Setup

The hybrid simulation of the proposed TGBCF model was carried out using both Python and Laravel, leveraging their respective strengths for simulation and web-based orchestration. The entire experimental framework was deployed on a system with a quad-core Intel i5-1135G7 processor (4.20 GHz), 8 GB RAM, and Windows 11 (64-bit) operating system.

5.1. Setup for Trust Value Computation

In order to compute the trust, the simulation module was developed using Python 3.9 in a Jupyter Notebook version 6.3 environment. A network of 500 nodes was generated, representing cloud-based SUs, SPs, and roles, with interactions created at regular intervals to simulate dynamic service exchanges. For each node pair, the Direct Trust value was computed based on direct interactions, while the Indirect Trust was inferred from the feedback of neighboring nodes. A Weighted Trust value was subsequently calculated as a composite of DT and IDT. In this study, a trust threshold of 0.6 was adopted—nodes exhibiting trust values equal to or greater than this threshold were classified as trustworthy, while those falling below were designated as malicious. The selection of 0.6 as the optimal threshold emerged from extensive simulation cycles and empirical observations. Notably, higher threshold values such as 0.8 or 0.9, although intuitively stricter, led to an increased rate of false negatives, where legitimate and trusted service nodes were incorrectly classified as untrustworthy. Such misclassification adversely impacted the prediction accuracy of the recommendation system. Conversely, a threshold of 0.6 provided a more balanced trade-off between trust sensitivity and classification accuracy, preserving reliable nodes while still filtering out malicious ones effectively. This selection is also consistent with findings in the prior trust-aware recommendation literature, where moderate thresholding is shown to enhance both robustness and usability in dynamic environments.

5.2. Setup for Rating Prediction Using Trust

To predict trust-based rating for a real-world inspired interface, Laravel was used as the backend framework, leveraging its robust Model-View-Controller (MVC) architecture. The Laravel stack was hosted locally using XAMPP, and implemented with the Breeze starter kit, which integrates Tailwind CSS and a default authentication layer. The backend services were connected to a MySQL relational database, where user–service interaction data (ratings) was stored and dynamically queried using SQL. Eloquent relationships were defined to manage the rating data model—each cloud user could generate multiple ratings for different services, thus forming a service-user matrix. Laravel handled critical functions such as access control, authentication, user-role mapping, and integration of predicted trust values into the user interface.

The combination of Python-based simulation and Laravel-based application enabled end-to-end validation of the TGBCF model—from trust score computation to real-time rating analysis and malicious node identification. This dual-stack architecture allowed for both theoretical trust modeling and practical applicability in cloud-based recommendation and access control scenarios. The simulation was repeated multiple times to ensure consistency and generalizability of results.

5.3. Comparative Analysis

To evaluate the performance of the TGBCF model, a thorough comparative analysis of the TGBCF model is conducted using the evaluation metrics Mean Absolute Error (MAE) and Root Mean Square Error (RMSE). This work is compared with the trust-aware recommendation model (TAWRM), the User-Based Collaborative Filtering approach (UBCF), and the Social Trust Recommendation based on Probability Matrix Factorization (STRPMF). These models are selected to represent distinct categories of trust computation and recommendation logic, thereby providing a comprehensive basis for comparison.

This work is compared with the following peer research schemes:

TAWRM: The trust-aware recommendation model [67] constructs a trust network among users to enhance the recommendation process in environments where explicit trust data is available. It operates by computing direct and indirect trust paths using user-to-user recommendation chains and employs a matrix decomposition strategy to rank items for a given user. The trust value is propagated through the network to infer unknown relationships, which helps in selecting top-trusted service providers. However, TAWRM has a key limitation: it is confined to trust trajectories within a narrow scope and does not effectively evaluate similarity between distant or disjoint user groups. This often leads to sparse coverage in large-scale, role-diverse service environments.

UBCF: The UBCF approach [68] is a traditional collaborative filtering technique that identifies similar users based on historical ratings and shared preferences. It calculates similarity using distance-based or correlation-based measures (e.g., Pearson, Cosine), and selects the top-N neighbors whose similarity exceeds a predefined threshold. Ratings from these neighbors are then aggregated to generate predictions for unrated items. Although widely used for its simplicity and interpretability, UBCF lacks trust-awareness and is sensitive to data sparsity. It treats all users equally, ignoring user roles or contextual weight, which may result in lower prediction accuracy in multi-role, trust-critical applications such as cloud service recommendations.

STRPMF: The STRPMF method [69] integrates probabilistic matrix factorization (PMF) with social trust information to improve recommendation accuracy. It assumes that user decisions are influenced not only by rating data but also by the social relationships and trust levels within a user community. STRPMF learns latent feature vectors for users and items, and adjusts them using social trust regularization, allowing for more nuanced rating predictions. While this approach improves performance in trust-enriched social domains, it is limited by the subjective and dynamic nature of social trust, which may not reflect institutional trust or role-based authority as required in cloud service frameworks. Additionally, the trust modeling is implicit and lacks mechanisms for fine-grained role differentiation or access control policies.

Table 5. Comparative analysis of TGBCF with the state-of-the-art approaches.

Feature	TGBCF (Proposed)	TAWRM	UBCF	STRPMF
Trust Modeling	Explicit trust computation using role-based user grouping and rating patterns	Direct and indirect trust via trust paths and networks	No trust modeling; purely rating-based	Implicit trust integrated through social regularization
User Similarity	Group-based collaborative filtering with role context	Based on trust network structure	Similarity based on co-rated items	Latent user similarity via PMF with social links
Role Awareness	Yes, roles are weighted and influence predictions	No explicit role differentiation	No consideration of user roles	Roles not modeled; only social links considered
Rating Prediction Technique	Graph-based Collaborative Filtering + Trust Deviation Weighting	Matrix decomposition on trust-ranked items	Weighted average of Top-N similar users	PMF with trust regularization
Handling of Sparsity	Reduces sparsity via grouping and inferred trust	May fail on sparse trust paths	High sensitivity to sparsity	Mitigated through latent factor modeling
Access Control Integration	Integrated trust threshold for access decisions	Not supported	Not supported	Not supported
Main Limitations	Requires accurate role definition and dynamic threshold tuning	Confined to narrow trust trajectories	Ignores trust and role context	Subjective nature of social trust; lacks fine-grained control
Strength	Context-aware, trust-sensitive, and role-integrated prediction	Exploits networked trust structures	Simple and easy to implement	Learns user/item factors with trust influence

summarizes and emphasizes the core technical limitations of the state-of-the-art approaches TAWRM, UBCF, and STRPMF, along with the design and strengths of TGBCF.

5.4. Evaluation Metrics

The trust of a service user in a recommendation-based system largely depends on the accuracy and reliability of predicted ratings, particularly when these predictions are generated from sparse and uncertain datasets within dynamic environments. In such scenarios, even small inaccuracies can significantly impact user confidence and system credibility. Therefore, evaluation metrics such as MAE and RMSE are commonly employed to assess the performance of recommendation algorithms. These metrics provide quantitative measures of prediction error, enabling the system to fine-tune its recommendations and ensure greater alignment with user preferences, ultimately fostering trust and user satisfaction. In both the two metrics, the deviation from the actual value is measured by utilizing the trust threshold for recommendation. The MAE is evaluated using Equation (10).

$$\mathrm{M}\mathrm{A}\mathrm{E}={\sum }_{\mathrm{u}}{\sum }_{\mathrm{s}}\left|{\displaystyle \frac{{\mathrm{p}}_{\mathrm{u},\mathrm{s}}-{\mathrm{r}}_{\mathrm{u},\mathrm{s}}}{\mathrm{N}\mathrm{P}\mathrm{R}}}\right|$$

(10)

where $p_{u,s}$ is the predicted rating, and $r_{u,s}$ is the initial rating recorded in the service-user matrix, and NPR is the total number of predicted ratings.

Further, since MAE does not always reflect accuracy in the rating predictions, RMSE is further utilized by the TGBCF model to validate the results for service recommendations. The RMSE analysis between the evaluated and the actual rating value is carried out using Equation (11).

$$\mathrm{R}\mathrm{M}\mathrm{S}\mathrm{E}=\sqrt{{\sum }_{\mathrm{u}}{\sum }_{\mathrm{s}}{\displaystyle \frac{{({\mathrm{p}}_{\mathrm{u},\mathrm{s}}-{\mathrm{r}}_{\mathrm{u},\mathrm{s}})}^2}{\mathrm{N}\mathrm{P}\mathrm{R}}}}$$

(11)

The proposed work recommends a cloud service on the basis of the degree of trust associated with a cloud service. The number of trusted service nodes demonstrates the accuracy of the TGBCF model using Equation (12).

$$\mathrm{A}\mathrm{c}\mathrm{c}\mathrm{u}\mathrm{r}\mathrm{a}\mathrm{c}\mathrm{y}=\left({\displaystyle \frac{\mathrm{T}\mathrm{o}\mathrm{t}\mathrm{a}\mathrm{l} \mathrm{N}\mathrm{u}\mathrm{m}\mathrm{b}\mathrm{e}\mathrm{r} \mathrm{o}\mathrm{f} \mathrm{N}\mathrm{o}\mathrm{d}\mathrm{e}\mathrm{s}-\mathrm{N}\mathrm{u}\mathrm{m}\mathrm{b}\mathrm{e}\mathrm{r} \mathrm{o}\mathrm{f} \mathrm{M}\mathrm{a}\mathrm{l}\mathrm{i}\mathrm{c}\mathrm{i}\mathrm{o}\mathrm{u}\mathrm{s} \mathrm{N}\mathrm{o}\mathrm{d}\mathrm{e}\mathrm{s} \mathrm{E}\mathrm{n}\mathrm{c}\mathrm{o}\mathrm{u}\mathrm{n}\mathrm{t}\mathrm{e}\mathrm{r}\mathrm{e}\mathrm{d}}{\mathrm{T}\mathrm{o}\mathrm{t}\mathrm{a}\mathrm{l} \mathrm{N}\mathrm{u}\mathrm{m}\mathrm{b}\mathrm{e}\mathrm{r} \mathrm{o}\mathrm{f} \mathrm{N}\mathrm{o}\mathrm{d}\mathrm{e}\mathrm{s}}}\right)$$

(12)

5.5. Simulation Results

This section demonstrates the simulation results based on the evaluation metrics illustrated above in Section 5.4. The graphical interpretation of the comparative analysis of MAE with respect to the benchmark approaches is illustrated below in Figure 6. The TGBCF model exhibits superior predictive accuracy, as evidenced by its significantly lower MAE compared to other benchmark models. Specifically, in terms of relative performance improvement, TGBCF achieves approximately 42.3% over TAWRM [67], 50.0% over UBCF [68], and 31.8% improvement over STRPMF [69]. These results underscore the effectiveness of the trust-guided approach employed in TGBCF, which enhances the reliability and precision of recommendation generation compared to existing state-of-the-art methods.

Figure 7 illustrates the comparative recommendation performance of the TGBCF model against baseline methods based on RMSE. The results clearly indicate that TGBCF consistently outperforms all peer models, demonstrating a substantial reduction in prediction variance—a critical metric reflecting the stability and reliability of the recommendations. Specifically, TGBCF achieves an approximate RMSE improvement of 38.7% over TAWRM [67], 45.7% over UBCF [68], and 32.1% over STRPMF [69]. These reductions translate into a 30–45% overall improvement in predictive consistency, underscoring the robustness and effectiveness of the trust-guided mechanism employed in TGBCF.

Further, the prediction accuracy in TGBCF is computed to identify the malicious nodes and trusted nodes in the cloud domain. To demonstrate the accuracy of prediction for the evaluated service ratings using the soft security mechanism “Trust”, 500 service nodes have been analyzed at present. However, the proposed model can be scaled in future. The accuracy of the TGBCF model examines the computed trusted rating value against the trust threshold of 0.60 (Assumed Trust Threshold). If a service node has a trusted rating value $\ge$0.60, the node is considered trustworthy; else, it is malicious. The graphical interpretation demonstrates that with an increase in the number of service nodes, the number of malicious service nodes encountered by the TGBCF model is less than the comparative state-of-the-art approaches. This signifies that the TGBCF model can be trusted for cloud service recommendation in comparison to the peer approaches. Figure 8 below showcases the number of malicious service nodes with an increase in the number of services users. TGBCF demonstrates higher robustness and attack resistance, with approximately 40–60% fewer malicious nodes detected at peak load compared to other models.

The graphical interpretation of the prediction accuracy of the TGBCF model with the state-of-the-art approaches is depicted below in Figure 9. The simulation results depict that TGBCF outperforms the state-of-the-art approaches [67,68,69] by 8–16% in rating accuracy at high user volume, showing better scalability and generalization.

5.6. Real-World Applicability and Computational Efficiency

The TGBCF model is designed with practical deployment considerations in mind, addressing key aspects such as scalability, computational feasibility, and robustness to malicious nodes, which are critical in real-world cloud-based service recommendation systems. The key factors justifying compliance with the real-world applicability are:

• Scalability and Efficiency: The model has been tested on a simulated network of 500 nodes representing service users, providers, and roles. Results show that the trust computation is performed in a time-efficient manner due to the lightweight graph-based structure. This validates that TGBCF can scale to medium-to large-scale cloud environments.
• Trustworthiness Assessment: TGBCF incorporates both direct and indirect trust metrics derived from user interactions and neighborhood feedback, and then computes a weighted trust score. This mirrors real-world scenarios where users interact with multiple services and rely on both personal experience and community insights. The model dynamically adapts to new trust relationships as the system evolves.
• Malicious Node Detection: By setting an unbiased trust threshold (0.6), the system effectively filters out malicious or unreliable nodes, a frequent concern in decentralized cloud ecosystems. This feature makes TGBCF particularly suited for open, multi-tenant cloud platforms where user trust is critical.
• Platform-Agnostic Implementation: The model has been implemented using Python 3.9 with Jupyter Notebook for simulation and Laravel with MySQL for backend deployment. This dual implementation supports its adaptability to both AI-based simulation environments and real-time cloud-based applications, thereby ensuring its cross-platform viability.
• Low Computational Overhead: Trust calculations use simple yet effective operations like feedback weighting, avoiding complex optimization or deep learning routines. This ensures the model can run even on moderate hardware (Intel i5, 8 GB RAM), which is typical in edge or client-side cloud nodes.
• Accuracy and Reliability: The model achieves competitive prediction accuracy using MAE and RMSE when compared with benchmark schemes (e.g., TAWRM, STRPMF, UBCF), reinforcing its practical utility in service rating prediction and user satisfaction enhancement.

6. Formal Analysis

To validate the simulation results of the TGBCF Model, the Canetti and Krawczyk Adversary Model (C&K) [79] has been utilized. The foundation for the formal analysis is to authenticate if the computed service rating is trustworthy or malicious. A service rating value is considered malicious if the trust value is less than the assumed threshold.

• PROTOCOL Trustworthy Recommendation and malicious_node_identification
  Initial condition
  Similarity Index: SI, Trusted User Network Set: TUNS
  Inferred Trust: INT, Overall Aggregate Trust: OAT,
  SIG SI (user: u_i, u_j, TUNS, INT)
  Step 1: If u_i, u_j $\in$ TUNS
  Compute SI, else discard the service request from the user_id//a user not belonging to TUNS is considered malicious.
  Step 2: Ensure non-negative values for similarity index and Inferred trust
  TrustNonNegative {
  all SI: SimilarityIndex | SI.value ≥ 0
  all INT: InferredTrust | INT.value ≥ 0
  }
  Step 3: Compute OAT (u_i, u_j, weight: w, SI, INT, cloud_service_request, threshold)
  If (OAT ≤ threshold), the service node isMalicious
  assign (isMalicious) = 1, and revoke the cloud service request
  else Predict Rating value for the requested service
   }
  Step 4: Predict Service Rating (rating value: ${\mathrm{r}}_{{\mathrm{u}}_{\mathrm{i}}},{\mathrm{r}}_{{\mathrm{u}}_{\mathrm{j}}},$ OAT, threshold)
  If (predicted rating for service && OAT $\ge$ threshold), give access to user for the cloud service else deny the service request.

The TGBCF models help in the identification of malicious cloud service requests through trust computation. These malicious service requests, initiated by nefarious users, can hamper the integrity of the computing domain. Hence, the proposed model aligns with the Network Authentication Protocol of the C&K Adversary Model, and strengthens the existing recommendation systems by incorporating “Trust” based on rating values, maintaining the reputation of trust between service users and service providers.

7. Conclusions

This work suggested a reliable service recommendation scheme that can prevent the reputation of the cloud computing by recommending trusted cloud services. An integrated approach utilizing the graph-based Recommender System and Collaborative Filtering Recommender System was employed with the soft security mechanism “Trust” to ensure security in cloud computing systems. The former helped in the construction of the trusted user network set, and the latter computed similarity between the service users through Pearson’s Correlation Coefficient. The inferred trust or the indirect trust was evaluated by utilizing the direct trust values stored in service-user matrix. The simulation results clearly affirm the effectiveness and superiority of the TGBCF model over state-of-the-art approaches across multiple evaluation metrics. With a consistent improvement of approximately 8% to 16% in prediction accuracy and a ~32% reduction in MAE and RMSE, TGBCF ensures highly reliable rating predictions. Under adversarial scenarios, TGBCF reduced the impact of malicious nodes by 40% to 60%, demonstrating strong resilience and generalization under growing user loads. These outcomes confirm the model’s practical viability for secure, accurate, and scalable service recommendation in complex cloud computing ecosystems.

8. Future Work

The TGBCF model demonstrates strong performance across accuracy, robustness, and scalability metrics, validating its effectiveness in trust-aware recommendation scenarios. However, several areas remain open for future exploration. The current trust computation relies on static weights and predefined rules; integrating adaptive or reinforcement learning could enable dynamic trust evaluation based on evolving user behavior. While TGBCF addresses cold-start issues effectively, incorporating contextual or semantic information—such as temporal patterns or domain-specific knowledge—could further enhance personalization. Additionally, real-world deployment on large-scale cloud platforms is needed to assess operational scalability, latency, and integration. Future work will also focus on incorporating privacy-preserving techniques and extending TGBCF to support dynamic trust modeling and cross-domain recommendations.