A flexible peripheral access protection mechanism within a data processing system (10, 100). In one embodiment, each master (14, 15) within the data processing system (10) includes a corresponding privilege level modifier (70, 74) and corresponding trust attributes (71, 72, 75, 76) for particular bus access types (e.g. read and write accesses). Also, in one embodiment, each peripheral (22, 24) within the data processing system (10) includes a corresponding trust attribute (80, 84), write protect indicator (81, 85), and a privilege protect indicator (82, 86). Therefore, in one embodiment, a bus access by a bus master to a peripheral is allowed when the bus master has the appropriate privilege level and appropriate level of trust required by the peripheral (and the peripheral is not write protected, if the bus access is a write access). Also, through the use of the privilege level modifiers, a the bus master can be forced to a particular privilege level for a particular bus access.