What concept involves the systematic assignment of access rights based on roles?


The concept that involves the systematic assignment of access rights based on roles is Role-Based Access Control (RBAC). In RBAC, access permissions are assigned to specific roles rather than to individual users. This approach simplifies security management and enforces the principle of least privilege, which means users are granted only the access necessary to perform their job functions.

Under RBAC, roles are defined according to job responsibilities, and users are assigned roles that correspond to their duties. For example, an employee in the finance department might have a different role with distinct access rights compared to someone in the human resources department. By organizing access rights in this way, RBAC enhances security and efficiency because it is easier to manage user permissions at the role level rather than at the individual user level. Additionally, when an employee's job changes, their access rights can be updated simply by changing their assigned role.

In contrast, other access control models such as Mandatory Access Control (MAC) and Discretionary Access Control (DAC) do not specifically focus on role assignments. MAC enforces access restrictions based on information sensitivity and user clearance levels, while DAC allows users to control access to their own resources and does not inherently use predefined roles. Risk-Based Access Control is also focused on assessing risk but
