Documentation addons regarding security architecture and features

[vadika]

Description of Changes

Note documents to cover following topics:

• How trusted VM updates are contolled by whitelisted repos
• How the Separation of Duties principle implemented overview
• How least privilege principle implemented overview
• How VM network separation implemened
• How system logs are protected by encryption on transit and at rest
• How critical services are protected from privilege escalation

Type of Change

• New Feature
• Bug Fix
• Improvement / Refactor

Related Issues / Tickets

Checklist

• Clear summary in PR description
• Detailed and meaningful commit message(s)
• Commits are logically organized and squashed if appropriate
• Contribution guidelines followed
• Ghaf documentation updated with the commit - https://tiiuae.github.io/ghaf/
• Author has run make-checks and it passes
• All automatic GitHub Action checks pass - see actions
• Author has added reviewers and removed PR draft status

Testing Instructions

Applicable Targets

• Orin AGX aarch64
• Orin NX aarch64
• Lenovo X1 x86_64
• Dell Latitude x86_64
• System 76 x86_64

[vunnyso]

nix build .#packages.x86_64-linux.doc need to be fixed first.