User-based access control, based on a security table, is totally feasible. Tableau has a function USERNAME() that tells you the username of the person who is logged in. This function can be used in any type of filter, including Data Source Filters (for the ultimate in row-level security).
You can build a JOIN either by writing a Customer Query for your data source, or using Tableau's JOIN interface to join your main data source with your security table. Your security table should identify users consistent with how they are returned by Tableau's USERNAME() function. (So if Jane Doe's username looks like "JANE.DOE" in Tableau, it should look like "JANE.DOE" in your security table.) Once you have a column in your JOIN'd data that contains the username, you can easily build your filter to compare it to USERNAME().
For more information, here are some useful Tableau help articles to get you started:
I hope this helps.