Kenny Kerr has an article up on MSDN showing how to use the Windows ACL security system on custom objects in your application.  Although the article is a bit on the short side, and does deviate off topic in a few areas, it provides a nice overview of the process, and will be a good starting point for anyone looking to do something like this.