To allow different users to have different access privileges you need to create a separate web application, with a separate application pool that runs as a particular user. A separate web application and application pool needs to be created for each set of access privileges.
The following outlines the steps required to create a second web application for the Portal.