Role-Based Access Control (RBAC) is the correct answer because it is an authorization model that grants or denies access to resources based on the roles or groups assigned to users. Each role is associated with a set of permissions, and users inherit these permissions based on their assigned roles.

Discretionary Access Control (DAC) is incorrect because it allows resource owners to decide who can access their resources, rather than basing access on roles.

Mandatory Access Control (MAC) is incorrect because it bases access on security labels assigned to subjects and objects, not user roles.

Attribute-Based Access Control (ABAC) is incorrect because it grants access based on attributes associated with users, resources, and environment conditions, rather than solely on user roles.