A Compact and Outsourced Access Control Scheme in Cloud Computing

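  • Abstract: Ciphertext-policy attribute-based encryption is the best choice for implementing secure access control schemes on cloud platforms. However, in most ciphertext-policy attribute-based encryption schemes, the length of the user key grows linearly with the number of attributes, and the user's decryption time is proportional to the complexity of the access structure. To reduce the user's key storage and decryption computation overhead, this paper proposes a compact and outsourced access control scheme for cloud computing platforms. The access structure in the scheme supports three policies: AND, OR, and threshold. Using only simple hash and XOR operations, it can verify whether the data returned from the user's outsourced decryption is correct. In the random oracle model, based on the aMSE-DDH problem, the scheme is proved to be secure against chosen-ciphertext attacks. The analysis shows that the scheme can securely implement access control in cloud computing environments, especially when the user's terminal device is constrained.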

     

    Abstract: Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising encryption technology for secure access control in cloud computing. However, in most existing CP-ABE schemes, the size of the decryption key increases linearly with the number of attributes, and the decryption time increases linearly with the complexity of the access structure. To reduce the storage cost of the user's key and the time cost of decryption, this paper provides a compact and outsourced access control scheme for cloud computing. In the proposed scheme, the access structure associated with a ciphertext can support three policies: AND, OR, and Threshold. At the same time, the scheme can verify the result of outsourced decryption using only some hash computations and XOR operations. Based on the aMSE-DDH problem, the proposed scheme is proved to be selectively secure against chosen-ciphertext attack in the random oracle model. In addition, the analyses show that it efficiently and securely achieves access control in cloud computing, especially when the terminal devices associated with the user are constrained.

     
