Abstract: In order to solve the problems of users’ lack of flexible management and high cost of decryption computing in cloud environment data resource sharing, an outsourcing decryption scheme based on cloud environment revocable user attributes is proposed. Scheme public parameters consisted of a fixed number of group elements and there was no restriction on the set of attributes used for encryption. User undo could be performed at each property level rather than at the system level for more fine-grained user access control. It would not disclose user information when determining whether a user was revoked or outsourced for decryption. The scheme was proved to be safe under the complexity assumption of composite order groups. By comparing the performance of similar experiments, the results show that the scheme is more efficient and flexible in the user management scenarios in cloud environment.