The main idea of the role-based access control functionality consists in granting a user (or several users within one and the same group) access to the Hardware Node or its Containers, thus, allowing them to log in to this Node/Container(s) by means of Parallels Infrastructure Manager and to perform a number of operations on them in accordance with the rights and permissions assigned to the user (or group). So, in the Virtuozzo security model any user/group is characterized by the permissions deduced from the roles assigned to the user (group) and allowing her/him to complete certain tasks in the Hardware Node/Container context.