AbstractAttribute-Based Encryption (ABE) is one of the new visions for finegrained access control in cloud computing. Plenty of research work has been done in both academic and industrial communities. However, before ABE can be deployed in data outsourcing systems, efficient enforcement of authorization policies and policy updates are the main obstacles. Therefore, in order to solve this problem, efficient and secure attribute and user revocation should be proposed in original ABE scheme, which is still a challenge in existing work. In this paper, we propose a new ciphertext-policy ABE (CP-ABE) construction with efficient attribute and user revocation, which largely eliminates the overhead computation at data service manager and data owner. Besides, we present an efficient access control mechanism based on the CP-ABE construction with one outsourcing computation service provider.