Hi Venkat,
this is not possible with standard authorisation.
You can only decide, WHAT to do with an infotype, not in which transaction to do it.
(that sorts out PA20 - if rights for other ITs are restricted to read only, that part is done)
It doesn't really make sense for not allow something in PA30, but in PA40, because PA4 doesn't mean it is necessarily done as part of an action. Say, someone wants to change IT0006 without running an action. You want to block that by allowing IT0006 only to be changed in an action, right?
This person can still do it by going into PA40, Starting hiring action for the respective employee without entering a date, click "execute infogroup", skip screens until getting to IT0006, make the change and save.
You will achieve exactly the same result as in PA30 (just more complicated to do), but it has all happened in PA30. So, even IF (big "IF") it would make sense to control via authorisations that something can be done in actions only, restricting it by T-code wouldn't do the trick, even, if it worked.
So, could it work - assuming there are other cases, where it might make sense?
As Gretchen said: not in standard authorisations.
You can achieve it with a BAdI. It's actually done occasionally to have certain infotype rights added or taken away in a particular transaction.
The one to use in this case is BAdI HRPAD00AUTH_CHECK. However: this is a very powerful BAdI. If you don't know, what you are doing, you can cause a lot of damage. You can get a bit of context in this slide deck from page 45: Optimising SAP HR Authorisation by using custom development incl. BAd…