Key/Object equivalence?

[William S. Frantz]

> A question to the KeyKOS people:  How is key and/or object
> equivalence handled in KeyKOS?  Does KeyKOS provide a
> way to compare two keys to see if they're identical?
> If so, how is it used in practice?  If not, are there
> situations you can think of in which such functionality
> would have been handy if it was available?

The generally available DISCRIM function will compare two
keys for equality.  It is mostly used by people doing debugging.

> 
> Is there a way to compare a key against a whole bunch of
> other keys quickly, e.g. by taking some kind of hash function
> of the bits that make up the key in the kernel?  Do key banks
> have any kind of "key search" feature, that allows you to
> determine if a key already exists in a key bank?  If so,
> how is it used in practice?

The KID (Key Indexed Directory) provides this kind of functionality.
The only user is the FACTORY (which everyone uses).  The factory 
uses it to remember the "holes" (places where the factory requestor's
data can possibly leak to the factory builder).

> 
> Given that, is there any kind of higher-level notion of
> "object equivalence" commonly used throughout a KeyKOS system?
> For example, two keys may refer to the same "object" but
> have different permissions and are therefore not "identical
> keys" as far as the kernel is concerned.  How is this
> concept supported by KeyKOS servers, when it is needed?

This function would be up to the object itself.  It might not
want to fess up to that level if implementation detail.

-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA