Yes, you could - for example - use a field to determine which user can read/update a particular page; or use individual templates per user. These criteria can then be used to lock access to other content. Note that for a user to access a specific page, the path to that page (i.e. all the parents) must at least be readable (unless you provide a direct link to the page).
You can block access to content on the frontend as well, but then you would have to create the upload functionality for files yourself. Permission events can also be used on the frontend via the
BTW. You can also use Panel permissions to limit file uploads to certain file types or min/max sizes (or any other file properties)…