Question

Which statement is true of the information flow model?

A) The information flow model allows the flow of information within the same security level.
B) The Biba model is not built upon the information flow model.
C) The information flow model only deals with the direction of flow.
D) The information flow model does not permit the flow of information from a lower security level to a higher security level.

Answer 1

Statement D is true for the information flow model: it does not allow the flow of information from lower to higher security levels to maintain data security.

Step-by-step explanation:

When discussing the information flow model, it's important to understand how it functions in the context of computer security. The model addresses the flow of information between different security levels to prevent unauthorized access or leakage.

Statement D is correct: the information flow model typically does not permit the flow of information from a lower security level to a higher security level to maintain security and prevent potential leaks of sensitive data. This is part of a strategy known as 'no read up, no write down,' which is foundational to models such as the Bell-LaPadula model, ensuring that a user at a lower clearance level cannot read information at a higher clearance level, and cannot write information to a lower clearance level that could infer higher clearance level data.