Restrict the authorization of custom business object OWL entries based on the custom field

Dear Experts,

We have a requirement to restrict the custom business object OWL entries based on the field "Confidential".

If the field is set to Confidential then, only the employees part of team should have an access to the data else , the data should be unrestricted for all the employees.

i have referred to blog https://blogs.sap.com/2014/07/21/instance-based-access-control/ to achieve this requirement , however as per the blog i feel , we can only inherit the standard access context but cannot restrict the data based on the field.

Any suggestions or thoughts on this requirement is really helpful

Thank you much