what you see there are (currently) pages, not portlets.
But the good news is: yes, you can do that.
You will have to create those pages, place the desired portlets on them, and then secure them via a security constraint that allows the mentioned roles read access to the individual page. As a result, user a (in role A) will only see page A (if pages B and C are assigned to different roles)
You can provide all the needed info in the *-object.xml , or later on via the management UI