I wouldn't try using views, as then the table/view name changes every time, so you're forced to use dynamic SQL, which causes additional security headaches.
Instead, I suggest creating a controller table, which is *always* INNER JOIN'd to, that restricts the rows that are returned by any query.
SQL DBA,SQL Server MVP(07, 08, 09) A socialist is someone who will give you the shirt off *someone else's* back.