Executable choreography

Executable choreography represents a decentralized form of service composition, involving the cooperation of several individual entities. It is an improved form of service choreography. Executable choreographies can be intuitively seen as arbitrarily complex workflows that get executed in systems belonging to multiple organisations or authorities. [1]

Executable choreographies are actual code created to encode system behavior from a global point of view. The behavior of the main entities in a system is given in a single program. Choreographies enhance the quality of software, as they behave like executable blueprints of how communicating systems should behave and offer a concise view of the message flows enacted by a system.

Executable vs. non-executable choreography

In almost all applications the business logic must be separated into different services. The orchestration represents the way that these services are organized and composed. The resulting service can be integrated hierarchically into another composition. [2]

Service choreography is a global description of the participating services, which is defined by exchange of messages, rules of interaction and agreements between two or more endpoints. Choreography employs a decentralized approach for service composition. [3]

In industry, the concept of choreography is generally considered to be non-executable. Standards, such as those proposed by the Web Services Choreography Description Language, [4] present the choreography as a more formal model to describe contracts between autonomous entities (generally distinct organisations) participating in a composition of services analyzed globally. From this perspective, the composition itself must be implemented centrally through the different orchestration mechanisms made available by companies: naive code composition or the use of specific orchestration languages and engines such as BPEL (Business Process Execution Language), [5] rule engines, etc.

In the area of academic research, the concept of executable choreography is proposed as a method of no longer having the contractual part and the actual code as two different artifacts that can fall out of sync or require subjective interpretation. Examples are "An Executable Calculus for Service Choreography" [6] or "An executable choreography framework for dynamic service-oriented architectures". [7] Few of these approaches have had a practical impact, most remaining at the level of articles or, at best, research projects. The breakthrough of blockchain in recent years has brought the concept of the "smart contract", which can be seen as a particular form of executable choreography, to the attention of both the academic community and industry.

Types of executable choreographies

Verifiable choreographies

Executable choreographies are a more general concept and are not necessarily verifiable choreographies if they do not use the idea of a site regarded as a security context for code execution. As examples of approaches to programming using executable choreographies, we could list the European project CHOReOS, [8] the Chor programming language, [9] the modelling of web services in "Choreographing Web Services", [10] and the treatment of some aspects of web service composition using pi-calculus. [11] The term verifiable was introduced to highlight the possibility of verifying swarm communication. The explicit presence of the execution location idea leads to the possibility of developing verification algorithms, as can be seen in the article "Levels of privacy for e-Health systems in the cloud era". [12]

Encrypted choreographies

Encrypted choreographies suppose that, in addition to verification, they offer higher-level solutions for advanced cryptographic methods without the need for programmers to become cryptography specialists. Distributed applications could be built from subsystems that allow identification or verification of the architectural points that expose secret data. For example, ideally, a programming system that uses encrypted choreographies guarantees, or at least helps to minimize, situations where a single person (whether legitimately authorized or an attacker) holds both encrypted private data and the encryption keys for the same resources. In this way, the administrators or programmers of these subsystems have fewer opportunities to perform insider attacks on privacy (the level at which attacks are frequent). Even if some applications cannot use this approach, encrypted choreographies can minimize the security risks posed by the insiders who administer or program these systems. Thus, the number of points with access to unencrypted data is formally bounded (ideally to zero). This form of choreography is useful for allowing companies to enforce in code the legislation or security rules they have assumed.

The implementation of encrypted choreographies implies, for example, the existence of storage systems using cryptographic techniques with a practical implementation of homomorphic encryption, such as the CryptDB [13] [14] implementation from MIT. A method that can also be called a "storage, division and anonymization method" with the help of encrypted choreographies, which can lead to the ideal of having total "sovereignty" (within the limits of the law) over private data, was published in the article "Private Data System enabling self-sovereign storage managed by executable choreographies". [15] This paper presents how choreographies anonymize and divide data in a way that ensures that data cannot be copied by a single administrator or attacker who controls only one of the participating nodes. The implemented mechanisms can also include interfaces that make advanced cryptographic methods easy for programmers to use.
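As an added illustration (not code from the article or from the cited papers), the following Python sketch models a choreography as message steps between sites, replays it, and statically flags any site that at some point holds both a resource's ciphertext and its key, which is the situation the verifiable and encrypted approaches above aim to rule out. The `pt:/ct:/key:` label convention, the site names and the record name are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Data labels use a constructed convention "<kind>:<resource>":
#   "pt:r17" = plaintext of resource r17, "ct:r17" = its ciphertext, "key:r17" = its encryption key.

@dataclass(frozen=True)
class Step:
    """One choreography step: the `sender` site transmits the labelled `items` to the `receiver` site."""
    sender: str
    receiver: str
    items: Tuple[str, ...]

def knowledge_per_site(initial: Dict[str, Set[str]], steps: List[Step]) -> Dict[str, Set[str]]:
    """Replay the choreography and accumulate everything each site has held at any point.

    Sites never 'forget': once a site's administrator could have copied a value,
    that exposure counts for the rest of the audit.
    """
    known = {site: set(items) for site, items in initial.items()}
    for step in steps:
        held = known.setdefault(step.sender, set())
        missing = [i for i in step.items if i not in held]
        if missing:  # inconsistent choreography: a site forwards data it never received
            raise ValueError(f"{step.sender} sends {missing} but never held it")
        known.setdefault(step.receiver, set()).update(step.items)
    return known

def exposure_points(known: Dict[str, Set[str]]) -> List[Tuple[str, str]]:
    """(site, resource) pairs where one site alone can read the resource:
    it holds the plaintext, or both the ciphertext and the matching key."""
    findings = []
    for site, items in sorted(known.items()):
        for res in sorted({label.split(":", 1)[1] for label in items}):
            if f"pt:{res}" in items or {f"ct:{res}", f"key:{res}"} <= items:
                findings.append((site, res))
    return findings

def audit(steps, initial, owner):
    """Exposure points excluding the data owner, who legitimately sees its own plaintext."""
    return [(s, r) for s, r in exposure_points(knowledge_per_site(initial, steps)) if s != owner]

# Constructed scenario: a clinic encrypts record r17 locally and outsources its storage.
INITIAL = {"clinic": {"pt:r17", "ct:r17", "key:r17"}}

# Weak design: the key is escrowed beside the ciphertext, so the storage administrator can decrypt.
WEAK = [Step("clinic", "storage", ("ct:r17",)),
        Step("clinic", "storage", ("key:r17",))]

# Split design: key custody on a separately administered site; no single node can decrypt.
SPLIT = [Step("clinic", "storage", ("ct:r17",)),
         Step("clinic", "keyserver", ("key:r17",))]

if __name__ == "__main__":
    print("weak :", audit(WEAK, INITIAL, "clinic"))   # [('storage', 'r17')]
    print("split:", audit(SPLIT, INITIAL, "clinic"))  # []
```

The check is deliberately conservative: it treats every value a site ever received as permanently exposed to that site's operators, which is the threat model the insider-attack discussion above assumes.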

Serverless choreographies

Serverless computing is a cloud computing model in which the cloud provider dynamically manages the allocation of computing resources. Serverless choreographies involve automating the launch of services using virtualization and automation techniques.

The implementation of this advanced type of choreography requires the development of new business models to facilitate cloud-based application hosting without any friction related to payment, installation, etc. The Tor concept provides one example of such serverless systems. The best known example is Amazon Lambda, which has had great commercial success by allowing programmers to ignore installation details and by facilitating the dynamic scalability of systems. Blockchains can be considered examples of serverless databases.

Serverless choreographies assume that cloud execution and storage are done using encrypted choreographies. Using this form of choreography, hosting companies or individuals managing the physical and logical hosting infrastructure will not be able to influence the hosted installations or applications. Serverless choreographies present the opportunity to develop distributed, decentralized systems and the potential to formally secure advanced privacy properties.

References

  1. "Levels of Privacy for e-Health systems in the cloud era" (PDF). 24th International Conference on Information Systems Development: 243–253. August 2015.
  2. "Choreography and Orchestration using Business Process Execution Language for SOA with Web Services". IJCSI International Journal of Computer Science Issues. 8 (2): 224–232. March 2011. http://www.ijcsi.org/
  3. "Orchestration vs. Choreography".
  4. "WSCDL Specification".
  5. "WS-BPEL standard" (PDF).
  6. Besana, Paolo; Barker, Adam (2009). On the Move to Meaningful Internet Systems: OTM 2009 (PDF). Lecture Notes in Computer Science, vol. 5870. Springer Berlin Heidelberg. pp. 373–380. CiteSeerX 10.1.1.525.2508. doi:10.1007/978-3-642-05148-7_26. ISBN 9783642051470.
  7. Akkawi, F.; Cottenier, T.; Alena, R.L.; Fletcher, D.P.; Duncavage, D.P.; Elrad, T. (2006). "An Executable Choreography Framework for Dynamic Service-Oriented Architectures". 2006 IEEE Aerospace Conference. pp. 1–13. doi:10.1109/aero.2006.1656059. ISBN 978-0780395459. S2CID 34895834.
  8. "ChoreOS".
  9. "Chor Programming Language".
  10. Barker, Adam; Walton, Christopher D.; Robertson, David (2004). "Choreographing Web Services". IEEE Transactions on Services Computing. 2 (2): 152–166. doi:10.1109/tsc.2009.8. ISSN 1939-1374. S2CID 15816522.
  11. Besana, Paolo; Barker, Adam (2009). On the Move to Meaningful Internet Systems: OTM 2009 (PDF). Lecture Notes in Computer Science, vol. 5870. Springer Berlin Heidelberg. pp. 373–380. CiteSeerX 10.1.1.525.2508. doi:10.1007/978-3-642-05148-7_26. ISBN 9783642051470.
  12. "Levels of Privacy for e-Health systems in the cloud era". 24th International Conference on Information Systems Development: 1–10. 2015.
  13. Popa, Raluca Ada; Redfield, Catherine M. S.; Zeldovich, Nickolai; Balakrishnan, Hari (2011-10-23). "CryptDB: protecting confidentiality with encrypted query processing". pp. 85–100. doi:10.1145/2043556.2043566. hdl:1721.1/74107. ISBN 9781450309776. S2CID 6323154.
  14. Tu, Stephen; Kaashoek, M. Frans; Madden, Samuel; Zeldovich, Nickolai (2013-03-01). "Processing analytical queries over encrypted data" (PDF). Proceedings of the VLDB Endowment. 6 (5): 289–300. doi:10.14778/2535573.2488336. hdl:1721.1/87023. ISSN 2150-8097. S2CID 2187816.
  15. Alboaie, Sinică; Cosovan, Doina (2017). Distributed Applications and Interoperable Systems. Lecture Notes in Computer Science, vol. 10320. Springer International Publishing. pp. 83–98. arXiv:1708.09332. doi:10.1007/978-3-319-59665-5_6. ISBN 9783319596648. S2CID 6063958.