Admins must be able to maintain the permissions from our web-site .
In one of your examples it seems like you'll have to use the Visual Guard .Net to maintain permissions....is it possible to incorporate this into a web-application?

As mentioned above, some Visual Guard features are available through VG API.
For instance, with the API, you can manage users accounts (create/delete/unlock/change password,...),
manages roles, grant role to users, grant permission sets to roles, etc.
As a result, an administrator can manage user, roles and permission sets from your web site.

On the other hand, we consider declaring a permission requires some technical info
(the name of the form/control/attribute to change for instance) and should be done by developers.
So developers will use Visual Guard Console to create a list of permissions.
Administration will grant these permissions to roles and users.