You can use the "editable" property of a dataview. Set editable on false and all attributes will be readonly within the dataview:
You could also use entity access to achieve this. Set the attribute access of an entity to read. This way the attributes will be read-only for your configured module role.
If you want to do that conditionally then you should create entity access for readonly and readwrite. Then you could use an enumeration to add a module role to your users which has the right access.
That is a good start. I would like to do that conditionally though. So I would like to have been able to set that to a condition based on a enumeration or business rule.
Instead of using security, you can also set conditionionally editable on almost any input widget. This can be based on a boolean or enumeration attribute.