There are basically two parts to security. 1) The UserNames and Groups created in a system.mdw file and 2) the permission set on an individual database.
Imagine a scenario like this.
First, accounts(users) and groups are created (in an *.mdw file). For example make a couple of groups: "PowerUsers" and "Plebs." Then create ten user names, and half be members are included in the group "PowerUsers" and half in "Plebs."
Second, set the permissions on a database. Permissions can be set by group or by individual members (e.g. exclude Jerry from the reports, or prohibit the "plebs" from viewing financial info). Take the later example. If you have a database where you want to restrict the frmFinancial from the "Plebs", then set the permissions accordingly. In the db, go to tools, security, permissions. Select groups (instead of users). Select the object "forms", then select the specific form "frmFinancial" and user the check boxes to remove the permissions of "Plebs" from that form.
Simple right? Actually there are a lot of other things to keep in mind. Where to store the *.mdw file you create so users can see it. Pointing to the *.mdw file with a shortcut which has the parameter /wrkgrp. etc. Hope this little tidbit helps you get the big picture, and makes your research easier. There are many ways to set up security which allows the designer to use his creativity.
This is the day the Lord has made, I will rejoice and be glad in it.