If you modify the security of the object in any way then the security inheritence is broken but not before SharePoint imports all the parent settings to the child. Afterwards any updates made to the parent object will not be passed down to the child object.
Security in SharePoint is comprised of users, groups and roles.
Users, Groups and Roles
A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.
There are two types of groups SharePoint uses: domain groups and SharePoint groups.
Domain groups can come from Active Directory much like user accounts and are created and maintained there. An Active Directory group may contain Active Directory users and other Active Directory Groups.
SharePoint groups are created and maintained in SharePoint. A SharePoint group can contain user accounts and domain groups. A SharePoint group can not contain other SharePoint groups.
Access is granted or restricted through permissions grouped to form a role. The following roles are included in SharePoint out-of-the-box: