You are absolutely correct in that permissions of parent content "cascade down" to subpages. The general thinking here is that if you need to protect a page or section, then permissions should only get MORE restrictive as you travel down the hierarchy. In other words, permissions work like this:
"If I am protected, the user must match at least one group attached to me." That recurses up the chain with each parent/ancestor - so the user must effectively belong to at least one group from each protected page in the current page's hierarchy.
For instance, you might set up a system like this.
-- Parent 1 - Restricted to group "Registered Users". Users must be logged in to access.
----- Child 1 - Restricted to group "Staff". Users must be logged in AND a member of "Staff" to access.
-------- Descendant 1 - Restricted to group "Managers". To access, user must be a member of "Staff" (inherited from Child 1) AND "Managers" to access
-------- Descendant 2 - No additional restrictions. User must simply be a member of "Staff" group.
-- Parent 2 - No restrictions. Anyone can access (including anonymous).
Currently, there is no way to "override" requirements inherited from a parent, but I think PSC should be able to meet your needs based on your example. You can further control content access by assigning it to a different parent with the permissions you want it to inherit. This way, your site structure ends up being dictated by your desired permissions, but in most use-cases, this actually ends up helping usability. :-)