This role-based model protects data of type "security information". Only users with the role "security officer" get write access to those objects.
The file/dir attribute data_type can be inherited from the parent dir.
Like the functional control model, this model should only be used in combination with others. Even on its own, however, it can protect security-relevant information against tampering by system administrators, which is more than Unix-style access control can do.
SIM can easily be expressed with the RC model, so it is more or less obsolete. You should use this model only to gain experience as a base for other, more powerful models.
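The decision rule described above can be modelled in a few lines. This is an added sketch, not code from the project. The attribute values (`none`, `SI`, `inherit`), the role names, the decision strings and the sample paths are assumptions made for illustration, as is the choice to leave reads undecided because the text only restricts write access.

```python
import posixpath

# Hypothetical attribute values and role names for this sketch.
NONE, SI, INHERIT = "none", "SI", "inherit"
SECURITY_OFFICER, ADMINISTRATOR, USER = "security_officer", "administrator", "user"

# Constructed sample labelling: path -> explicitly set data_type.
DATA_TYPES = {
    "/": NONE,
    "/etc/secpolicy": SI,           # directory labelled as security information
    "/etc/secpolicy/public": NONE,  # explicit value stops inheritance
}

def effective_data_type(path, labels=DATA_TYPES):
    """Resolve data_type, walking up to the parent while the value is 'inherit'."""
    path = posixpath.normpath(path)
    while True:
        value = labels.get(path, INHERIT)  # unlabelled objects inherit
        if value != INHERIT:
            return value
        if path == "/":
            return NONE  # nothing set anywhere up to the root
        path = posixpath.dirname(path)

def sim_decision(role, path, request, labels=DATA_TYPES):
    """Return 'GRANTED', 'NOT_GRANTED' or 'DO_NOT_CARE' for one request."""
    if request != "write" or effective_data_type(path, labels) != SI:
        return "DO_NOT_CARE"  # outside this model's scope; other models decide
    return "GRANTED" if role == SECURITY_OFFICER else "NOT_GRANTED"

def demo():
    cases = [
        (ADMINISTRATOR, "/etc/secpolicy/rules.conf", "write"),
        (SECURITY_OFFICER, "/etc/secpolicy/rules.conf", "write"),
        (USER, "/etc/secpolicy/rules.conf", "read"),
        (ADMINISTRATOR, "/etc/secpolicy/public/readme", "write"),
        (USER, "/home/alice/notes", "write"),
    ]
    return [sim_decision(*c) for c in cases]

if __name__ == "__main__":
    for line in demo():
        print(line)
```

The `DO_NOT_CARE` results show why the model is meant to be combined with others: everything except writes to security information is left for another model to decide.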