If you would just like to have simple access level, like these users are admins and these other users are low level admins then you could do this with one additional column. If you would like to control exactly what pages each individual user has access to then you would need individual page rules and you would need to store the page access information for each page for each user.
When it comes to checking the variable the idea is that on the login or authenticate user page you would modify the server behavior to store the various page access permissions in their own session variables. Then you would craft individual rules for each of the pages that would check on the value that was specific to that page. If the use has the correct value then they can have access to the page.
In general access to areas of a site are normally based on access levels and it is not something that is done on a per page basis.