Start by using the Security Assist documentation to create a user registration and login page. Then add a column to your user registration page to identify the user group.
Update the login page to store the user group column, and create rules in security assist representing the various user levels you want supported. Then use the various security assist server behaivors to block access to pages or sections of pages based on the rules you create.