What type of access control is based on the roles assigned to users?

Role-Based Access Control (RBAC) is a security paradigm that restricts system access to authorized users based on their assigned roles within an organization. Under this model, permissions are granted to roles, rather than to individual users; users are then assigned to these roles. This approach simplifies management, especially in large organizations, because it allows for easier provisioning and de-provisioning of access rights.

In RBAC, the assignment of roles aligns with job functions, meaning that users gain access to systems and resources that are necessary for their specific role within the organization. For instance, a user with a role of "Administrator" has broader access privileges compared to a user with a "Guest" role, who might only have access to limited parts of the system.

This model enhances security and operational efficiency, as it is much easier to manage users in groups based on their roles rather than managing individual permissions for each user. It also supports the principle of least privilege since users only have access to information and resources required for their roles, minimizing the potential impact of a security breach.