A processor, such as a low-cost microcontroller unit, uses a DMA controller to facilitate direct memory transactions between hardware subsystems independently of the CPU. To enable those transactions to be carried out security, gateways are provided to the DMA controller and peripheral bridge. The gateways, which have access to multiple access policies, switch between those policies depending on a hardware context and/or subcontext, such as the bus master originating the transaction and/or the DMA channel associated with the transaction. The gateways are operable to administer those policies independently of the CPU. In various implementations, gateways are provided for the DMA controller, the peripheral bridge, and/or individual peripherals. The processor is able to support secure, fully containerized operations involving its peripherals without constant CPU intervention.