Which of the following security models does NOT concern itself with the flow of data?

A.
The information flow model

B.
The Biba model

C.
The Bell-LaPadula model

D.
The noninterference model

Explanation:
Multilevel security properties can be expressed in many ways, one being noninterference. This concept is
implemented to ensure any actions that take place at a higher security level do not affect, or interfere with,
actions that take place at a lower level. This type of model does not concern itself with the flow of data,
but rather with what a subject knows about the state of the system. So if an entity at a higher security level
performs an action, it cannot change the state for the entity at the lower level.
If a lower-level entity was aware of a certain activity that took place by an entity at a higher level and the state of
the system changed for this lower-level entity, the entity might be able to deduce too much information about
the activities of the higher state, which in turn is a way of leaking information. Users at a lower security level
should not be aware of the commands executed by users at a higher level and should not be affected by those
commands in any way.
Incorrect Answers:
A: The information flow model does concern itself with the flow of data.
B: The Biba model does concern itself with the flow of data.
C: The Bell-LaPadula model does concern itself with the flow of data.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 380