Your company has given you the responsibility to implement an appropriate access control scheme. The company wants to control access and permissions for employees based on job function. Which of the following should you use?
Role based access control (RBAC) is an access control scheme that controls access and permissions by assigning them based on roles. Individuals are assigned roles which grants them the permissions and access assigned to that role(s).
Wikipedia
In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users, and to implementing mandatory access control (MAC) or discretionary access control (DAC).
Role-based access control is a policy-neutral access control mechanism defined around roles and privileges. The components of RBAC such as role-permissions, user-role and role-role relationships make it simple to perform user assignments. A study by NIST has demonstrated that RBAC addresses many needs of commercial and government organizations. RBAC can be used to facilitate administration of security in large organizations with hundreds of users and thousands of permissions. Although RBAC is different from MAC and DAC access control frameworks, it can enforce these policies without any complication.