I don't think you can implement restrictions over course categories based on custom user fields. You want to use the permissions system for this.
There are several ways to approach this. One would be to create a role for each type of user, assign the roles to users at system level, then use permission overrides to prevent users with a particualar role from viewing a particular category. Another would be to remove permissions from the authenticated user role that allow users to view courses, create a new role that does allow users to view courses, then assign the new role in the course category context to users who should be allowed to view that category.