A simple role based access would be like,
1.Each user would be assigned with some roles.At the time of login, we fetch the roles for that user from sql (say).
2.Based on that role,we need to enable/disable few functionalities for that page.
Few links to get you started with.
Role-based Security with Forms Authentication
Hope this gives you a idea.