Resolve "Secure deployment"

Implements one requirement from #1365 (closed)

Security. Much of the ARM deals with securing interfaces to Stork, but it would be good to explain the overall security design in the Overview as this is a critical feature. A diagram showing the interfaces and how each are secured might help, or a table. This section should include some specific suggestions about how to deploy Stork most securely, and should include any assumptions we make about the environment. Besides helping the user, this is helpful for our vulnerability handling policy, as scoring could take into consideration the explicit security advice in the ARM. It might also help to add a list of links to the security-critical sections in the ARM (TLS set up, user permissions, user authentication...)