Optimization
------------

Due to its presence in the kernel, there is a strong argument for restricting
the resources required for the subsystem, but memory-wise and cpu-wise.  A
number of optimizations are possilbe.

1) Special Storage for Local Privilege Tokens

Rather than storing some tokens using complete token structures (memory-
intensive and have a long seek time to verify they are or are not present),
a series of flag bytes could be stored in the PAG state.  With appropriate
behavior for handling expiry and transfer limitations, this would provide
for much faster evaluation of capabilities for common calls (such as local
file systems).

2) Specific Tokens for Specific Services

To improve seek time for authentication tokens used in kernel services,
it might be useful to allow the user process to provide references to
tokens to the services themselves so that repeated lookups are not required.
For example, the user process might ask the local FFS code to always use
a particular token.  The PAG would contain a reference to the token for
direct lookup without searches.

3) Improved Structures

Currently searches for tokens occur on a list, so occur in linear time.
Similarly, searches using mintoken assume the list is ordered.  Use of
hashing and other techniques might greatly improve performance.

Currently memory is reserved for the data fields of the token (strings,
public, private data) even when they are not in use.  Rather than 
allocating them with the token, it might be better to allocate these
only when needed.  This would reduce the memory footprint of the token
management system. 


$Id: optimization.txt,v 1.1 1998/06/26 13:17:29 robert Exp $
