Internet of things (IoT) is a contemporary technology, which links a tremendous number of devices with each other to ease the life via many useful services such as information exchange, monitoring, and control. IoT comprises different types of entities such as sensors and RFID tags, which mostly deployed in unattended, sensitive, and hostile territories. Due to rapid scalability and high heterogeneity, traditional security approaches fails to provide adequate security mechanisms for the current IoT infrastructure. The possibility of insecure and unattended deployment make some of IoT's entities subject to be captured physically by the attackers. As a result, the victim device can be exploited as a gateway to compromise the entire network. Furthermore, an entity may not work correctly because of resources constraints or instability of network's link. Recently, trust and reputation (TR) extended in IoT to monitor the behaviors deviation of IoT entities. Many TR models introduced, to incorporate the trust concepts in IoT as a new security paradigm. In this study, we provide thematic taxonomy for trust in IoT, considering several issues such as understanding of trust entity roles, trust properties, trust applications, levels of trust management, trust metrics, trust computation schemes and attacks on TR. Finally, the survey presents advances and open research challenges in the IoT's trust.