In the cloud computing infrastructure, there is an increasing demand to maintain and verify the integrity of software stacks running on remote systems and protect users' sensitive data. However, due to the fact that software stacks running on cloud platforms are usually provided and maintained by different authorities (or providers) who are potentially untrusting to each other, the problem of measuring and protecting runtime system integrity becomes very challenging and has not been well addressed yet. In this paper, we present an integrity measurement and protection architecture for software stacks running on a guest operating system (OS) of a virtualized platform in cloud environment. Our solution does not change the guest OS, and thus is transparent to the OS authority. Furthermore, our architecture ensures that sensitive information of users is protected once the integrity of software stacks is broken during runtime. We implement our solution on Xen, and present a simple prototype-based Nimbus. We demonstrate the capability of dynamically detecting the integrity change of programs in cloud computing, and our evaluation results show that the solution is effective for integrity protection with acceptable performance overhead. Copyright © 2010 John Wiley & Sons, Ltd.