RBAC

Role-Based Access Control. Permissions are bundled into roles, users are assigned roles. Simple to understand and audit, but role explosion is a common failure mode at scale. Almost every modern access model starts with RBAC and adds finer-grained controls on top.