RBAC:

Role Based Access Control

You can control access to files according to different roles within an organization. If you limit access separately for each individual, you have to go through all of the files and determine what each person should have access to. If you determine which roles should have access to which files, then you only need to assign each person to one or more roles to give them access to the files that they need. Roles can be set up by job function. By using role access an individual can change roles and have access to separate files for each role, thereby limiting damage to the file system if something should go wrong.