Computing system compromises occur because system integrity is not managed effectively. The various parties that contribute to a system, programmers, OS distributors, and system administrators, do not account for integrity threats comprehensively, leading to recurrence of the same kinds of attacks. The problem is that we lack scalable and automated approaches for these parties to assess the integrity of their individual components that enables one to build upon the efforts of others. In this talk, I will discuss an conceptual approach to composing system-wide integrity from enforcement of multiple system layers. This approach is motivated by various work in information flow security, but we find that managing system-wide integrity requires different inferencing approaches and care in mapping actual components to the model. In particular, we will discuss methods to establish a specifications of integrity, validating the initial integrity of system components and channels, and composing systems from such components that protect runtime integrity. We will demonstrate the use of methods on Xen and Linux systems for deploying cloud computing applications. We show that accounting for integrity in component design can lead to comprehensive system-wide management.