a decryption unit configured to read out an execution code or data of one of a plurality of encrypted programs and decrypt the execution code or data by using a prescribed encryption key corresponding to the read-out encrypted program, according to a decryption request from a cache memory control unit;

a cache memory configured to store the execution code or data decrypted by the decryption unit and an actual encryption key used in decrypting the execution code or data for at least one cache line, the actual encryption key being stored in a secret protection attribute holding section of at least one cache line, the execution code or data stored in the cache memory remaining even after each program terminates; and

the cache memory control unit configured to process a reading request for the execution code or data to be acquired from the decryption unit or the cache memory such that, if the execution code or data exists in the cache memory and the actual encryption key stored in the secret protection attribute holding section of a cache line that stores the existent execution code or data is identical with the prescribed key corresponding to a program that issues the reading request, the execution code or data in the cache memory is read out, and if the execution code or data does not exist in the cache memory or the actual encryption key is not identical with the prescribed key, the execution code or data is read out from an external memory device.