Role-Based Access Control (RBAC) is a security model that restricts system access to authorized users based on their roles within an organization. RBAC enforces the principle of least privilege (PoLP), minimizing the risk of data breaches, insider threats, and lateral movement by attackers.