What type of access control defines a subject's ability to access an object based on their assigned role or tasks?

Sample question from the CISSP Domain 5 (Identity and Access Management) practice test.

Role-Based Access Control (RBAC) is a model that defines access permissions based on the roles that users have within an organization. In this system, access rights are granted to roles rather than to individual users. When a user is assigned a role, they inherit the permissions associated with that role, allowing them to access certain objects or data necessary for their tasks or responsibilities within the organization.

This approach streamlines access management by grouping permissions and responsibilities under distinct roles that correspond to job functions. For example, a user in a managerial role may have access to sensitive financial data, whereas a staff member in a junior position might have limited access to only specific datasets required for operational tasks.

RBAC enhances security and administrative efficiency because it reduces the complexity of managing user permissions individually and aligns access rights with the principle of least privilege: users gain access only to what they need to perform their job functions, which limits the opportunity for unauthorized access or data breaches. When someone changes jobs, the administrator reassigns roles rather than editing permissions object by object. The benefit holds only if roles are scoped narrowly; over-broad roles, or a proliferation of ad hoc roles, quietly reintroduce excess privilege.

In contrast, Discretionary Access Control (DAC) leaves the decision to the owner of the resource, who can grant or revoke permissions for other users at their discretion (the classic file ACL). Mandatory Access Control (MAC) enforces access according to security labels (classifications on objects, clearances on subjects) that are set by a central authority and enforced by the system; neither the owner nor the user can override them. Hybrid Access Control combines elements of different
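The three models above, as an added example that is not part of the original page: the same access requests evaluated under RBAC (permissions attach to roles, users inherit them, a role hierarchy expands them), DAC (only the object's owner may edit its ACL) and MAC (read/write decided by comparing fixed labels). All users, roles, objects, labels and policy entries are constructed for illustration.

```python
"""RBAC, DAC and MAC decision logic side by side (added example; all data constructed)."""
from dataclasses import dataclass, field

# ---------- RBAC: permissions are granted to roles; users get them only via role assignment ----------

# role -> set of (object, action) permissions  (constructed sample policy)
ROLE_PERMISSIONS = {
    "finance_manager": {("ledger", "read"), ("ledger", "write"), ("payroll", "read")},
    "junior_clerk": {("inventory", "read")},
}

# user -> set of directly assigned roles  (constructed)
USER_ROLES = {
    "alice": {"finance_manager"},
    "bob": {"junior_clerk"},
}

# role hierarchy: a senior role inherits everything its junior role can do  (constructed)
ROLE_INHERITS = {"finance_manager": {"junior_clerk"}}


def effective_roles(user: str) -> set:
    """Expand a user's assigned roles through the hierarchy (cycle-safe)."""
    roles = set()
    stack = list(USER_ROLES.get(user, ()))
    while stack:
        role = stack.pop()
        if role in roles:
            continue
        roles.add(role)
        stack.extend(ROLE_INHERITS.get(role, ()))
    return roles


def rbac_allowed(user: str, obj: str, action: str) -> bool:
    """RBAC check: the user never holds a permission directly, only through a role."""
    return any((obj, action) in ROLE_PERMISSIONS.get(role, ()) for role in effective_roles(user))


# ---------- DAC: the object's owner decides who else may access it ----------

@dataclass
class DacObject:
    owner: str
    acl: dict = field(default_factory=dict)  # grantee user -> set of actions

    def grant(self, granter: str, grantee: str, action: str) -> bool:
        """Only the owner may change the ACL; anyone else's attempt is refused."""
        if granter != self.owner:
            return False
        self.acl.setdefault(grantee, set()).add(action)
        return True


def dac_allowed(obj: DacObject, user: str, action: str) -> bool:
    """DAC check: owner always allowed, others only if the owner put them on the ACL."""
    return user == obj.owner or action in obj.acl.get(user, ())


# ---------- MAC: labels are fixed by a central authority; no one can grant around them ----------

LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}
SUBJECT_CLEARANCE = {"alice": "secret", "bob": "confidential"}          # constructed
OBJECT_CLASSIFICATION = {"ledger": "confidential", "war_plan": "top_secret"}  # constructed


def mac_read_allowed(user: str, obj: str) -> bool:
    """Bell-LaPadula simple security property: no read up."""
    return LEVELS[SUBJECT_CLEARANCE[user]] >= LEVELS[OBJECT_CLASSIFICATION[obj]]


def mac_write_allowed(user: str, obj: str) -> bool:
    """Bell-LaPadula *-property: no write down (a secret subject cannot write to a confidential object)."""
    return LEVELS[SUBJECT_CLEARANCE[user]] <= LEVELS[OBJECT_CLASSIFICATION[obj]]


if __name__ == "__main__":
    print("RBAC alice write ledger:", rbac_allowed("alice", "ledger", "write"))
    print("RBAC alice read inventory (inherited):", rbac_allowed("alice", "inventory", "read"))
    print("RBAC bob read ledger:", rbac_allowed("bob", "ledger", "read"))
    doc = DacObject(owner="alice")
    print("DAC bob self-grant:", doc.grant("bob", "bob", "read"))
    print("DAC owner grants bob read:", doc.grant("alice", "bob", "read"), dac_allowed(doc, "bob", "read"))
    print("MAC alice read ledger:", mac_read_allowed("alice", "ledger"))
    print("MAC alice write ledger (write down):", mac_write_allowed("alice", "ledger"))
```

Note how the administrative action differs per model: in RBAC, moving Bob into finance means changing `USER_ROLES`, not touching any object; in DAC, Alice edits her own object's ACL; in MAC, nobody at the user level can change the outcome at all, because the labels are the policy.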
