Abstract Named Data Networking (NDN) is an emerging network architecture. An important characteristic of NDN is its in-network cache, which enables Data packets to be available from multiple locations on the Internet. Hence the enforcement of access control mechanisms becomes even more critical in the NDN. This paper proposes a novel access control scheme referred to as Role-Based Encryption for NDN (NDN-RBE), which uses a broadcast encryption mechanism to achieve secure data access control. Our scheme uses the role inheritance property of the traditional Role-Based Access Control (RBAC) model to achieve efficient data access control over hierarchical content. This makes our scheme particularly suitable for large-scale real-world content-centric services like Netflix. Our scheme also supports additional design features such as anonymous signature-based authentication, batch signature verification and two types of privilege revocations. In addition, our formal security analysis demonstrates that our scheme is provably secure against Chosen Plaintext Attacks. Our performance and functionality comparison show that our scheme outperforms other notable existing works in terms of security, functionality, computation, communication and storage overhead. Furthermore, our experimental results show an improvement in content delivery time of the order of 15 percent compared with the other closely related works.