Wolthusen, S.S.Wolthusen2022-03-092022-03-092002https://publica.fraunhofer.de/handle/publica/340117This paper describes the intrusion detection aspects of a security architecture for distributed heterogeneous systems based on a network of externalized reference monitors defining a set of policies formulated as formulae of a first order theory. This can be retrofitted onto existing operating systems or realized standalone. Aspects considered in this paper include the effects of fine-grained component-level instrumentation of the operating system and a common entity naming model imposed by the architectural framework and discusses the application of the JDL multisensor data fusion model in the context of the framework.ensecurity policyintrusion detectiondistributed system006conference paper