A system administrator at a healthcare provider wants to ensure that employees access systems and patient information based on their job function within the organization. Which method below is the most appropriate for implementing these security controls?
Attribute-Based Access Control (ABAC)
Mandatory access control (MAC)
Role-based access control (RBAC)
Discretionary access control (DAC)