Modern computer systems place a high importance on maintaining data and application security. In a distributed and/or virtual computer system environment, where a plurality of users, services, applications, virtual machines, controlling domains and hosts may have access to a computer system, maintaining data and application security may be a difficult problem. In a distributed and/or virtual computer system environment, for example, where the computer hardware may be provided by a computing resource service provider and/or may also be provided by a third party such as, for example, a customer of the computing resource service provider, both the customers and the computing resource service provider may also wish for additional isolation of, or security for, sensitive or restricted information, protecting computer resource service provider information from the customer and protecting customer information from the computing resource service provider.
Encrypting data or applications may help ameliorate security concerns, but users often desire additional assurances. For example, computing resource service providers may desire additional assurances of the security of a computer system by isolating applications so that the computer system is insulated from application failures. Additionally, a computing resource service provider may desire additional assurances that applications and data are protected from access by a controlling domain or an operating system that has trusted status and can read or write directly from computer system memory. Accordingly, both users and computing resource service providers may desire assurances of the isolation and security of data and applications operating within a computing resource service provider environment.