If you refer to the internal AKS infrastructure, what can be said is that controller nodes run on a shared infrastructure owned by Azure but secured and isolated between customers.

Worker nodes are owned in full by the customer, but partly managed by Azure (during upgrades for example), so never shared between customers.

To understand more I suggest you open an issue here: https://github.com/Azure/AKS/issues

security doesnt really stop at the RBAC (as the other answer mentions) level, you'd also need to consider network security (can be achieved with network policies, but you'd need Azure CNI in AKS for that), resource quotas, pod permissions, etc.

So there's a lot to consider here, with little gains. You could also use agent pools and create a separate pool for each company using AKS and instruct them to use specific node selectors for their stuff, but I dont think you can enforce it at all.