Security Models: Flow of Data

D.

The goal of a noninterference model is to strictly separate differing security levels to assure that higher-level actions do not determine what lower-level users can see.This is in contrast to other security models that control information flows between differing levels of users,By maintaining strict separation of security levels, a noninterference model minimizes leakages that might happen through a covert channel.

The Bell-LaPadula model is incorrect.The Bell-LaPadula model is concerned with confidentiality and bases access control decsions on the classfication of objects and the clearences of subjects.

The information flow model is incorrect.The information flow models have a similar framework to the Bell-LaPadula model and control how information may flow between objects based on security classes.

The Biba model is incorrect.The Biba model is concerned with integrity and is a complement to the Bell-LaPadula model in that higher levels of integrity are more trusted than lower levels.Access control us based on these integrity levels to assure that read/write operations do not decrease an object's integrity.

References: CBK, pp 325 - 326 - AIO3, pp.

290 - 291

The correct answer is D. The noninterference model does NOT concern itself with the flow of data.

Explanation:

The noninterference model is a security model that addresses the problem of information leakage in a system. It is based on the idea that users with different security clearance levels should be able to access the same system without interfering with each other's work.

In the noninterference model, data flow is not considered as a security concern. Instead, the model focuses on preventing users with lower clearance levels from interfering with the work of users with higher clearance levels. This is achieved by enforcing a strict separation of information based on security clearance levels.

The information flow model, on the other hand, concerns itself with the flow of data. It ensures that data flows in a secure and controlled manner from a source to a destination, with appropriate access controls and policies in place.

The Biba model is another security model that concerns itself with the flow of data. It is designed to prevent data from being modified or corrupted by unauthorized users.

The Bell-LaPadula model is also a security model that concerns itself with the flow of data. It is designed to ensure confidentiality and prevent information leakage by enforcing access controls based on security clearance levels.

In summary, the noninterference model is the security model that does NOT concern itself with the flow of data.