create a specific role with only the limited permissions you want.
once the role is created, then add the users to that role.
remember roles are cumulative, so if you add the user to other roles (like built in roles like db_owner, or db_data_reader) they may have more permissiosn than you wnat.
also, make sure the users'login is not in the sysadmin role, which would short circuit all permissions, and they could do anything they want to any data they want.
stick with the least permissions model:
a basic example:
--create a role for the envisioned process
CREATE ROLE [FiveTablesReadOnly]
--grant only the desired permissions for the five specific tables.
GRANT SELECT ON dbo.BankOffices TO [FiveTablesReadOnly];
GRANT SELECT ON dbo.BankInvoices TO [FiveTablesReadOnly];
GRANT SELECT ON dbo.BankAccounts TO [FiveTablesReadOnly];
GRANT SELECT ON dbo.BankLocations TO [FiveTablesReadOnly];
GRANT SELECT ON dbo.BankDetails TO [FiveTablesReadOnly];
--finally add our user(s) to the role:
EXEC sp_addrolemember N'FiveTablesReadOnly', N'MyAppUser'
Lowell