In the login authentication server behavior that comes with security assist you can store as many session variables as you want from the logged in user profile.
You can use the session variable then to filter a recordset to see records specific to this user if you stored say the userID.
Then you can create rules based on these session variables and their values. Then you can use these rules as triggers or in conditional regions to hide and show specific content.