yes, this can be done using security assist.
when the user logs in, a session variable is created with their ID number.
When the record inserts, you should have a column that the ID session variable is stored in to relate the record to the individual user.
Set the results page to filter on the users ID session variable so it will only display records they have created.
On the detail and update pages, you will probably want to edit the recordsets that are created. add to the where clause an additional filter on the user ID session variable so they cannot guess the query string of another users record.
For the supper admin, you should create another set of admin pages that only they can access that does have the filtering on the userID session variable.