Executable choreography represents a decentralized form of service composition, involving the cooperation of several individual entities. It is an improved form of service choreography. Executable choreographies can be intuitively seen as arbitrary complex workflows that get executed in systems belonging to multiple organisations or authorities.[1]
Executable choreographies are actual code created to encode system behavior from a global point of view. The behavior of main entities in a system is given in a single program. Choreographies enhance the quality of software, as they behave like executable blueprints of how communicating systems should behave and offer a concise view of the message flows enacted by a system.
In almost all applications the business logic must be separated into different services. The orchestration represents the way that these services are organized and composed. The resulting service can be integrated hierarchically into another composition.[2]
Service choreography is a global description of the participating services, which is defined by exchange of messages, rules of interaction and agreements between two or more endpoints. Choreography employs a decentralized approach for service composition.[3]
In industry, the concept of choreography is generally considered to be non-executable. Standards, such as those proposed by the Web Services Choreography Description Language,[4] present the choreography as a more formal model to describe contracts between autonomous entities (generally distinct organisations) participating in a composition of services analyzed globally. From this perspective, the composition itself must be implemented centrally through the different orchestration mechanisms made available by companies: naive code composition or the use of specific orchestration languages and engines such as BPEL (Business Process Execution Language),[5] rule engines, etc.
In the area of academic research, the concept of executable choreography is proposed as a method of no longer having the contractual part and the actual part of code as two different artifacts that can be non-synchronized or require subjective interpretations. Examples are "An Executable Calculus for Service Choreography" or "An executable choreography framework for dynamic service-oriented architectures".[6] Few of these approaches have also had a practical impact, often at the level of articles or, at the very least, research projects. The real breakthrough of the blockchain in recent years has brought even more to the attention of the academic community and industry, the concept of "smart contract", which can be seen as a particular form of executable choreography.
Executable choreographies are a more general concept and are not necessarily verifiable choreographies if they do not use the idea of a site regarded as a security context for code execution. As examples of approaches to programming using executable choreographies, we could list the European project CHOReOS,[7] the Chor programming language,[8] the web service modeling in the "Choreographing Web Services" [9] of some aspects related to the composition of web services using pi-calculus. The verifiable term was introduced to highlight the possibility of verifying swarm communication. The explicit presence of the execution location idea leads to the possibility of developing verification algorithms as can be seen in the article "Levels of privacy for e-Health systems in the cloud era".[10]
Encrypted cryptography supposes that, in addition to verification, they offer higher-level solutions for advanced cryptographic methods without the need for programmers to become cryptography specialists. Distributed applications could be built from subsystems that allow identification or verification of architectural points that expose secret data. For example, ideally, a programming system that uses encrypted choreographs guarantees, or at least helps, minimize situations where a person (legally licensed or hacker) holds both encrypted private data and encryption keys related to the same resources. In this way, the administrators or programmers of these subsystems have fewer possibilities to perform internal attacks on privacy (the level with frequent attacks). Even if some applications can not use this approach, encrypted choreographies can minimize the security risks caused by the people inside who administer or program these systems. Thus, the number of points with discreet access to data (ideally never) is formally ensured. This form of choreography is useful to allow companies to secure by code the application of the legislation or security rules assumed.
The implementation of encrypted choreographies implies, for example, the existence of storage systems using cryptographic techniques with practical implementation of homomorphic encryption, such as the CryptDB [11] [12] implementation from MIT. A method that can also be called a "storage, division and anonymization method" with the help of encrypted choreographies, can lead to the ideal of having total "sovereignty" (within the limits of the law) on private data was published in the article "Private Data System enabling self-sovereign storage managed by executable choreographies". This paper presents how choreographies anonymize and divide data in a way that ensures that data can not be copied by a single administrator or hacker that controls only one of the participating nodes. The implemented mechanisms can also include interfaces that are easy to use by programmers for advanced cryptographic methods.
Serverless computing is a cloud computing model in which the cloud provider dynamically manages the allocation of computing resources. Serverless choreographies involve automating launching methods using virtualization and automation techniques.
The implementation of this advanced type of choreography requires the development of new business models to facilitate cloud-based application hosting without any friction related to payment, installation, etc. For example, the Tor concept provides an example for such serverless systems. The best known example is Amazon Lambda which has great commercial success allowing programmers to ignore installation details and facilitate dynamic scalability of systems. Blockchains can be considered examples of serverless databases.
Serverless choreographies assume that cloud execution and storage is done using encrypted choreographies. Using this form of choreography, hosting companies or individuals managing physical and logical hosting infrastructure will not be able to influence hosted installation or applications. Serverless choreographies present the opportunity to develop distributed, decentralized systems and the potential to formally secure advanced privacy properties.