I'd tend to agree, though since they are terms of art that are technical concepts instead of business level permission and identity, we haven't been able to do much better in the field. IDPs, RPs, PDP/PEP's define them a bit more as architectural terms, but the security field has a convention of creating stupid and unnecessary abstractions.

The reason is twofold. The first is that the field claims origin in compartmentalized military intelligence culture where code words were used to manage compartmentalization, and in-effect, maintain a necessary level of ignorance between projects, which is as tediously bureaucratic and immensely irritating as it sounds. The second is the business runs on stories, so if you can abstract a dynamic into a new quirky name, you can claim to have discovered it.

So yes we should have better words for things, but being better at what we do would risk solving a problem that too many people make a living managing, and so, here we are. An industry of internet duct cleaners.