CHOReVOLUTION Platform Overview
Figure 1 - CHOReVOLUTION Logical Platform Overview
Figure 1 shows an high-level (logical) overview of the CHOReVOLUTION platform as a toolbox of well-integrated components. Indeed, in order to provide the reader with an overall picture, in the figure we mix main platform components and related involved actors, further sketching the flow of the main activities to be followed for realizing the desired choreography.
To the purpose of realizing the desired choreography, Domain Experts and Choreography Designers cooperate in order to produce a specification (Choreography Diagram) of the choreography. This is done by using the CHOReVOLUTION Studio.
Domain Experts and Choreography Designers set the business goal, identify the tasks and participants required to achieve the goal, and specify how participants must collaborate through a BPMN2 choreography diagram, further specifying interface, interaction protocol, QoS attributes, and security aspects by means additional models.
From the produced BPMN2 choreography specification and the specified additional models, and by using the CHOReVOLUTION Synthesis Processor, choreography developers first select from a Service Inventory those services that can act as suitable participants to play the roles of the specified choreography. Services are published in the service inventory by service providers, e.g., transportation companies and airport retailers that have identified business opportunities in the domain of interest. The Identity Manager also contains the registration of end users (e.g., a tourist) interested in exploiting/partecipating to the choreography through, e.g., their mobile apps. Then, an automated choreography synthesis method is performed. This method exploits model transformation and code synthesis techniques in order to derive a number of additional software entities:
- Binding Component (BC): bridges the gap between the middleware-level interaction paradigm of a service/thing (e.g., REST or CoAP) and SOAP, which is the default interaction paradigm.
- Coordination Delegates (CDs): when interposed between the services to be choreographed, CDs are able to coordinate the services interaction in a fully distributed way. At run time, the CDs exchange the coordination information to prevent undesired interactions, i.e., those interactions that do not belong to the set of interactions allowed by the choreography specification and can happen when the services collaborate in an uncontrolled way. The coordination logic implemented by the CDs may change at run time, e.g., because of changes in the choreography specification, hence triggering the dynamic reconfiguration of the choreography.
- Adapters (As): enforce service-role similarity, hence binding the concrete services to the abstract roles defined by the choreography. The synthesized Adapters enforce exact similarity through complex data mappings and complex protocol mediation patterns. That is, in addition to pure coordination through CDs, the CHOReVOLUTION platform enables run-time choreography evolution through automated protocol mediation and data-flow coordination.
- Security Filters (SFs): apply security-centric filtering policies that are specified by the designer(s) and domain expert(s). The latter dictates how to filter the interaction protocol of participant services with respect to different cross-boundary and multi-organization security requirements. The second one is to force different roles based on different application security contexts: the matching rule implemented by the filter can vary at run-time.
Beyond these additional software entities, a Concrete Choreography Specification is generated. It contains information that is required by the Enactment Engine to correctly perform the choreography deployment on the Cloud and related enactment process. That is, the Concrete Choreography Specification is an XML-based declarative description of the choreography that specifies the inter-dependencies among services, CDs, Adapters, BCs, and SFs, and their locations. In order to enable dynamic adaptation and cross-federation security enforceability at the service level, leveraging the run-time support offered by the Enactment Engine, Adapters and Filters can be configured, monitored, controlled, and managed at run time by choreography operators and identity & security managers.
The actors involved in the CHOReVOLUTION context are:
- End User: are the consumers/clients of the choreography-based applications realized by means of the CHOReVOLUTION platform.
- Platform User: exploit the CHOReVOLUTION platform components for realising a specific choreography-based application. She/he should have those minimal skills required to understand the notion of choreography and the CHOReVOLUTION way for realizing choreography-based applications. For instance, they may concern software architects, developers, software engineers, domain experts, etc.
- Platform Developer: are involved in the design and implementation of the platform components.
Platform users are, in turn, specialized as follows:
- Domain Expert. The domain expert is in charge of identifying the business tasks that must be accomplished to achieve the goal, their flow(s), and related non functional preferences.
- Choreography Designer. This actor has the responsibility of refining and transforming the business goal into a BPMN2-based specification of the choreography. The latter concretizes the business goal into a machine readable specification that is amenable of automated treatment by the Synthesis Processor.
- Choreography Developer. The developer selects Thing-based and Business-oriented services that have been published by service providers in the CHOReVOLUTION Service Inventory. These are the services that are suitable for playing the choreography’s roles, as specified by the designer in the BPMN2-based specification. Furthermore, by using the Synthesis Processor, the developer automatically generates CDs, Adapters, and Security Filters, together with an XML-based specification of the choreography to be used for automatic deployment, enactment, and execution.
- Platform Administrator. By using a web console provided by the Identity Manager, the platform administrator is in charge of monitoring the global status of the platform, managing domain administrator accounts and providing ordinary platform maintenance.
- Domain Administrator. The domain administrator has the responsibility of monitoring the status of a specific domain, managing end-user accounts (in terms of consumers, service providers and approvers) and retrieving compliance data for business.
- Security Manager. The role of the security manager is to collect security concerns for the different concrete services selected by the Synthesis Processor. After identifying these concerns, s/he has to identify the necessary adaptations (limited to authentication mechanisms) and create the missing elements.
- Choreography Operator. An operator is an actor who has the responsibility of launching the synthesized choreography. The operator can also deploy, enable or disable a specific choreography. Besides this, by using the web console provided by the Identity Manager, an operator is responsible for managing services and roles, monitoring services status, providing maintenance (maybe forcing application contexts) and taking care of the rescue management.
- Service Provider. A service provider is responsible for publishing services in the Service Inventory.
- Identity & Access Management Engineer. The Identity & Access Management Engineer is responsible for identifying, designing, integrating and maintaining the identity and access management platform for CHOReVOLUTION.