Anthony
Usually to restrict inter vlan access you would use an access list (acl) on the SVIs (Switched Virtual Interface) ie. the "interface vlan " bit in your configuration.
You can allow DHCP through with an acl to your current DHCP server and then block all other traffic. But it depends on where the internet access is ie. if to get to the internet you need to go via another vlan then you would need to allow that through as well.
If internet access was in the same vlan and you created another DHCP server for that vlan then you could completely disable inter vlan routing by removing the SVI for that vlan and then the wireless clients would not be able to route to any other vlans internally.
But usually DHCP and the physical internet access are not on the same vlan as the wireless clients.
In terms of security you may be better posting that part in the Wireless forums. You can use Radius to authenticate clients but i haven't done that in a long time so i'm not really up to date on that side of things.
Jon