Existing mobile platforms require the user to manually grant and revoke permissions to applications. Once the user grants a given permission to an application, the application can use it without limit unless the user manually revokes the permission. This has become the reason for a lot of privacy problems. One of the solutions suggested by a lot of researchers is Context Aware Access Control (CAAC). However, dealing with policy configurations at permission level becomes very complex as the number of policy rules to configure will become very large. For instance, if there are A applications, P permissions and C contexts, the user may have to deal with A x P x C number of policy configurations. Therefore, we propose a Context-Aware Role-Based Access Control (CA-RBAC) model that can provide dynamic permission granting and revoking while keeping the number of policy rules as small as possible. We demonstrate our model based on Android. In our model, Android applications are assigned roles where roles contain a set of permissions and contexts are associated with permissions. Permissions are activated and deactivated for the containing role based on the associated contexts. Our approach is unique in that our system associates contexts with permissions as opposed to existing similar works which associate contexts with roles. As a proof of concept, we have developed a prototype application called CA-ARBAC (Context-Aware Android Role Based Access Control). We have also performed various tests using our application and the result shows that our model is working as desired.