The term <em>role </em>is used in two slightly different contexts:<br><br>A <em>role </em>describes the aggregation of detailed entitlements within an application, a file system, or generally within a resource.<br><br>On the other hand, a role is the function of a user within process organisation and his position within the organisational structure. From this "professional" role, needed resources and necessary entitlements within these resources can be deducted. For more complex resources with a detailed authorization model, this is usually done in two steps. The "professional" role specifies only access to the resource, while the detailed entitlements within the resource are managed there directly.