The University of Texas at San Antonio has launched Galahad, a secure ecosystem to protect users running desktop applications in an AWS cloud.
The University of Texas at San Antonio (UTSA) has launched a secure, open source user computer environment for the Amazon Web Services cloud. The Galahad technology, named after the Arthurian knight who found the Holy Grail, uses role-based isolation, real-time sensors and maneuverability techniques to protect users running desktop applications running in an AWS cloud.
Galahad was developed by Star Lab Corp. as part of the Intelligence Advanced Research Projects Activity's Virtuous User Environment program to build a dynamic cloud-based environment for government user applications. IARPA's VirtUE separates apps and functions into separate cloud containers based on user roles -- email reader/respondent, web researcher, database contributor, for example.
Star Lab recently transitioned the Galahad technology to UTSA for further development and research and to promote its adoption by the wider cyber defense research community.
Galahad does not use dedicated servers or attempt to establish trust. Instead, the software uses role-based isolation, real-time sensors and maneuverability techniques that make it more difficult for adversaries to penetrate targets and force attackers consume more resources, UTSA officials said in a statement.
Unique user profiles for how applications are typically used combined with machine learning help Galahad quickly spot malicious activity at the application, virtual machine and hypervisor level. The software can also dynamically move cloud applications to different hosts to avoid compromise.
Researchers at UTSA are now looking for other academic partners to help it build the system into an advanced research platform with additional security features such as user access control, privilege chains, decision engines and blockchain-based smart contracts that run across different virtual machines. UTSA officials said they believe Galahad can also be leveraged to provide better integration of internet-of-things systems and secure Linux operating systems and hypervisors.