Linux Audit-Subsystem Design for OS 11.3, etc.

I’m trying to document the Linux Audit-Subsystem in a “white paper”. The target is a distribution-agnostic presentation. That doesn’t mean I can’t mention OpenSuSE, or reference documentation in the end-notes.

I’m currently reading:
Linux Audit-Subsystem Design Documentation for Kernel 2.6, Version 0.1 ( PDF ).

I’m also interested in other documentation that discusses Linux auditing, authentication and access control, and other security related issues such as encryption. The target is Linux used as a server, as opposed to as an end user workstation.

The more recent the documentation, the better.

Any suggestions?