Definition of Role Based Access Control (RBAC)

Definition of computer security terms: Role Based Access Control (RBAC)

The strategy of using a formal model to predict user rights based on role assignment and rules that extend user attributes is sometimes called policy-based provisioning or Role Based Access Control (RBAC).

In this strategy, users are associated with Roles and Roles are assigned fine grained privileges. This level of indirection can simplify the task of managing fine-grained user privileges and to some extent simplifies the task of verifying that user rights are appropriate.