If you choose to inherit the permissions, it will copy the same set of permissions to the sub-site which will again be passed on to the lists/libraries you create. It may happen that for securing our content, we want to break this inheritance and want to assign unique permissions to restrict the users for certain actions and to make the content more secure. Inheritance can be broken manually using the Out of feature also and if you have a business logic in place, you can do it programmatically also. This blog post gives you code to break inheritance for items meeting certain criteria and assigning permissions to them explicitly. I am using ItemAdded() event receiver to do this. You can use it within workflow or any custom webpart as well.
SPGroup securityGroup = spWeb.SiteGroups["Security Group Name"];
SPRoleDefinition groupRole = spWeb.RoleDefinitions["Read"];
SPRoleAssignment roleAssign = new SPRoleAssignment(securityGroup);
SPListItem listItem = spWeb.GetListItem("http://List Item URL");