Which of the following terms refers to grant access based on the user's role?

Role-based access control (RBAC) is the correct answer because it specifically dictates that access permissions are granted based on the roles assigned to users within an organization. This model simplifies management by allowing access rights to be tied to user roles rather than individual user identities. For example, if a user is assigned a role of "manager," they will have certain permissions associated with that role, such as access to sensitive files and reports, without needing to individually manage permissions for each manager.

RBAC is beneficial in maintaining security and ensuring that users have the minimum level of access required to perform their job functions. This approach enhances security by limiting access to sensitive information based on job requirements, reducing the risk of unauthorized access.

In contrast, the other terms refer to different access control mechanisms. Attribute-based access control involves granting access based on user attributes (like clearance level or department), context-based access control considers the context of the user request (such as location or time), and policy-based access control utilizes policies that dictate access rights across various conditions. Each of these is distinct from the role-centric approach that defines RBAC.