User roles is an approach to restricting access to authorised users. The permissions to perform certain operations are assigned to specific roles.

Members of staff (or other system users) are assigned particular roles, example Administrator, Control Room etc, and through those role assignments acquire the permissions to perform particular system functions. Since users are not assigned permissions directly, but only acquire them through their role (or roles), management of individual user rights becomes a matter of simply assigning appropriate roles to the user’s account; this simplifies common operations, such as adding a user, or changing a user’s department.