Different models are used for different aspects... you have access control models governing policy (DAC, DBAC, MAC, RBAC, etc), models (Bell-LaPadula, Biba, etc), and mechanisms. (*-property, least privilege, etc)

Rather than reinventing the wheel, here is a document that covers pretty much everything with access controls that starts at a non-expert level but will give you a greater knowledge of access controls that damn near anyone you will come across.

In short RBAC is used to define access controls by required tasks, typically utilizing least privilege and need to know concepts. harrison, Ruzzo, Ullman model deals with access control modification, and propigation as well as subject and object creation and deletion.

catch