Is there any chance that some of future version of RoS have option to use address list in places such services, users... (in option like Available From/Allowed Address)?
Services (whatever you mean by that) can already be limited like that by building a firewall rule that blocks acccess unless accessed from address list xyz.
If you want to limit by user, you will have to track them somehow, e.g. via Radius. The question is then if you want to track their IP addresses (address list) or the sessions/connections which would be quite a bit more complex.