Microsoft implemented security in a different fashion with SSAS Tabular when compared with Multi-Dimensional. With multi-dimensional we had the database concept with multiple cubes... but a security role could be defined and used across all of the cubes in the database.
Tabular is a bit frustrating in that we have to create a role and define role membership for each model. But this could be TimeXtender's time to shine!! :)
I'd like to propose the ability to create a shared security role for the Semantic Models. A role could be defined with membership applied, and that role can then be linked to the models where security can be further defined. Essentially, the shared role would provide a centralized membership list rather than having to recreate it for each model.
We have 7 models which are typically deployed and it can be a bit of a hassle to maintain membership lists in 3 environments for each role in each model.
Yes, we can do this with AD Groups... most of the time. That capability doesn't really work with Azure Analysis Services, so it becomes very painful there.