RBAC (Role-Based Access Control) is a widely used access control model, which reduces the maintenance cost of classical identitybased access control. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. We present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC that fits the requirements of environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and QoS-subjected operations. FRBAC generalizes RBAC through the use of fuzzy relations.