Current research in IoT security is still far from mature as it significantly differs from traditional networked systems, which have been studied comprehensively. This is because the IoT devices are limited by processing power, memory, and energy. Existing security models are not sufficient for handling security due to the scale of the IoT network and the resource-constrained nature of devices. Trust management (TM) has received significant interest in enhancing the security of the system by defining policies and provide users with specific access rights. In this review, recent advances in TM in IoT security are discussed. Based on the review, we propose the taxonomy of TM to achieve trust in an IoT ecosystem considering the requirements, the primary attacks, the trust management characteristics. Furthermore, a detailed discussion on open issues, challenges, and future research directions is provided on establishing trust in the IoT networks.