Which of these logical access controls relates to authorization rather than authentication?

Role-based access control relates specifically to authorization, which is the process of determining what resources a user can access and what actions they can perform within a system after they have been authenticated. This system grants access rights based on the user's assigned role, defining their permissions according to the responsibilities associated with that role, rather than verifying their identity.

In contrast, the other choices primarily focus on authentication methods. Username and password, fingerprint scans, and smart cards are all used to verify a user's identity before granting access to resources. These methods do not determine what actions a user can take once their identity has been confirmed; they only confirm who the user is. Hence, role-based access control stands out as it specifically addresses authorization by linking user permissions to roles assigned within the system.