Joel.Watson92@gmail.com | LinkedIn: /in/joel3rbear | Twitter: @Joel3rBear
Access control is important because it allows you to control who can access what inside of an application. For instance with WordPress(a popular blogging CMS), there are several different user roles to control what features a user has access like reading posts as a subscriber to updating settings as an admin.
Roles are used to give predefined sets of privilages to a “type” of user. This allows for an easier way of checking if you have the permissions needed.
Role based access control is more scalable than discretionary or mandatory access control because it removes the need for the user to give permissions like with discretionary access, and it is a simple check to check permissions than mandatory access.