i'm sure you could do it that way, but it would probably mean hand coding all of the pages, as I don't know if the Security Assist- Manage Site Access wizard or the security assist server behaviors could cope with that.
Here's the logic (for what its worth) of what I did.
Imagine Members have a userLevel of 1, Administrators 2, Group Administrators 3
I wanted members to see some pages not generally accessible to the public
I wanted administrators to see some pages not accessible to the public or members, but I also wanted then to be able to see members pages
I wanted group administrators to see some pages not accessible to the public or members or administrators, but I also wanted then to be able to see members and administrators pages, - so effectively I have a cascading hierarchy where group admins can access pretty much everything, admins most things, members some things and the public, everything else. Get it ?
What I then did was create access rules, so that the
Members rule condition was to allow access if the userLevel session variable was 1 or 2 or 3
Administrators rule condition was to allow access if the userLevel session variable was 2 or 3
Group Administrators rule condition was to allow access if the userLevel session variable was 3
So if an admin logs in, they are userLevel 2, so can access all pages accessible to members and administrators (and public), but not group administrators.
Then you apply page access security either via the wizard or the server behaviors.