Also known as RBAC, it is a method of access control that defines permissions and access rights based on the roles of individual users or groups within an organization. RBAC is a widely used access control model that helps organizations manage access to resources and data more effectively and securely by defining permissions based on user roles. The users are assigned to specific roles based on their responsibilities and job functions.
RBAC manages the entire provisioning of roles, permissions and users and enforces the access policies. It simplifies access control management by organizing permissions into roles and assigning roles to users. This makes it easier to scale access control policies as the organization grows. This also allows organizations to define granular access control policies by associating specific permissions with roles. This ensures that users have the minimum level of access necessary to perform their job functions.