Welcome to LQ!!
Permissions are assigned to the owner of the file (or folder), the assigned group, and "all others". So you can create a file (folder) which is only accessible by a specific user, or a specific group. If you use the user method, then the user (as owner) will be able to change certain things. By using groups, you can have tighter control.
To simply restrict one or more users to be able to read files in specific folders, simply assign a group to those folders (and contents) and then add the user(s) to that group.
To be more specific, post an example of a scenario:
How many users?
Should they have read, write, or execute privileges?