A method includes a trusted component of a host computing system, obtaining, from a client, via a hypervisor of the host, a request to run an instance of a guest image within the hypervisor. The request includes a unique identifier of the guest image, contents of the guest image, and a communication key. The request is encrypted with a request key accessible to the owner and the trusted component and not accessible to the hypervisor. The trusted component generates an authorization request to an authorizing entity of the client requesting authorization for the hypervisor to run the instance. The authorization request includes the unique identifier, a use counter, and a unique challenge. The trusted component encrypts the authorization request with the communication key and communicates the authorization request to the authorizing entity, via the hypervisor.