Model-driven architecture (MDA) supports model-centred software development via successive model transformation. In MDA, the reusability of models is improved as well as the traceability of requirements. Agent-oriented model-driven architecture (AMDA) associates adaptive agents with a business-oriented interaction model and lets agents dynamically interpret their behaviour from the continuously maintained model via which the current business needs are deployed at runtime. The continuous re-interpretation rather than discrete re-transformation of models means immediate requirements deployment after re-configuration, no system down time being required to affect changes and results in a development process that is oriented to business experts rather than developers. Adopting the adaptive agent model, an AMDA paradigm, we put forward a security–aware model-driven mechanism by using an extension of the role-based access control (RBAC) model. For this purpose, the concept of agent role proposed in agent-oriented software engineering (AOSE) is integrated with the one proposed in RBAC. Agent duties are specified in an interaction model and describe the roles that agents can play to fulfil their functional responsibilities. Agent rights are specified in a security policy rule model attached to the interaction model and describe constraints upon agent capabilities caused by their associated social roles. The role-based interaction and policy-driven model incorporates both agent rights and duties. Hence, functional requirements and non-functional security constraint requirements are put together, related by the concept of role. Consequently, agents can continuously use the re-configurable model to play their roles in order to fulfil their responsibilities, and at the same time respect the security constraints. The major contribution from the approach is a method for building adaptive and secure MAS, following model-driven architecture. The approach is illustrated with an actual British railway management system.