Do you mean one separate section access table for every document, or a single section access table to manage permissions for all documents?
AFAIK there's not so much as a best practice for this. Your first approach offers flexibility and efficiency because you can adapt your SA-in-SQL-table 100% to the needs of each and every document. The second approach caters for a uniform & generalised Permissions system that puts some restrictions on what you are allowed t odo in Section Access, but on the other hand you won't need more than one custom (e.g. web based) app to manage permissions for hundreds of documents. And the security mechanism is straightforward and simple to explain. Whilme in the first case, you'll have a different security setup for each document.
I would go for the second approach (as I frequently do in customer projects) because of being easier to maintain.