Conventionally, hosts in virtual cloud environments have been assumed to be trusted computing bases (TCBs). Therefore, protecting guest virtual machines running in a public cloud from attacks via a Virtual Machine Manager (VMM) of a host, has not been of significant concern to customers (also known as “guests”) since hosts have generally been trusted by the customers. As attacks on guest virtual machines by VMMs have been contemplated and actually experienced, providing protection to guest virtual machines has become of paramount importance.