Hello, yes, we've had a few 4.0 milestone releases as we march toward the GA release around the turn of the year, and some of the applicable features are multi database and schema based security.
However, at present these new features are not owner-based. We don't have automatic tagging of created nodes and relationships for the logged in user, that would have to be done using something like a trigger via APOC or transaction listeners.
With multi-database, it could be possible to have a separate database per role (though this would require some setup and some way to provision the new database for a role, and grant the appropriate permissions/role for the user), and the databases would be isolated from each other, but this is only meant to scale to 100's of databases at most, so if the userbase you need to support is greater than that then this wouldn't be the way to go.
With schema based security you could enforce various privileges such that roles could only read/write/traverse nodes with specific labels/relationship-types, and I think there may be some work in the backlog to enhance these such that certain property values can be used as a security filter (so when this does get implemented, you could have read restrictions for a role so they can only read nodes where property x = y). This in combination with the trigger for adding a property to a node on creation sounds like it's the best match for what you're looking for, but it will require waiting for that enhanced security feature on the property values.
Also note that we're talking roles here, not individual users. The primary use case we're tackling on the security side right now is based on roles, not on individual users.