cloud computing (ra2studio/

Researchers launch secure cloud user environment

The University of Texas at San Antonio (UTSA) has launched a secure, open source user computer environment for the Amazon Web Services cloud. The Galahad technology, named after the Arthurian knight who found the Holy Grail, uses role-based isolation, real-time sensors and maneuverability techniques to protect users running desktop applications running in an AWS cloud.


How IARPA invents its way to security

The Intelligence Advanced Research Projects Agency's virtuous user environment, or Virtue, puts a user's apps and roles into unconnected cloud containers. Read more.

IARPA VirtUE focuses on user roles for security

The Virtuous User Environment mitigates the exploitation of legacy and cloud-based vulnerabilities by securing users' roles rather than their identities. Read more.

Galahad was developed by Star Lab Corp. as part of the Intelligence Advanced Research Projects Activity's Virtuous User Environment program to build a dynamic cloud-based environment for government user applications. IARPA's VirtUE separates apps and functions into separate cloud containers based on user roles -- email reader/respondent, web researcher, database contributor, for example.

 Star Lab recently transitioned the Galahad technology to UTSA for further development and research and to promote its adoption by the wider cyber defense research community.

Galahad does not use dedicated servers or attempt to establish trust. Instead, the software uses role-based isolation, real-time sensors and maneuverability techniques that make it more difficult for adversaries to penetrate targets and force attackers consume more resources, UTSA officials said in a statement.

Unique user profiles for how applications are typically used combined with machine learning help Galahad quickly spot malicious activity at the application, virtual machine and hypervisor level. The software can also dynamically move cloud applications to different hosts to avoid compromise.

Researchers at UTSA are now looking for other academic partners to help it build the system into an advanced research platform with additional security features such as user access control, privilege chains, decision engines and blockchain-based smart contracts that run across different virtual machines. UTSA officials said they believe Galahad can also be leveraged to provide better integration of internet-of-things systems and secure Linux operating systems and hypervisors.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.

Connect with Susan at [email protected] or @sjaymiller.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected