Standard CUBA permissions are used by the framework mechanisms like hiding menu items and fields, disabling CRUD action buttons. Your custom permissions cannot affect framework behavior, so they should be separate. They can also be “higher level” than standard ones, so for example if a user makes an entity Read (in your terms), your app can create standard permissions denying modification of this entity.