Abstract:- Cloud storage as one of the most important services of cloud computing significantly facilitates cloud users tooutsource their data to the cloud for storage and share them with authorized users. In cloud storage, secure deduplicationhas been widely investigated as it can eliminate the redundancy over the encrypted data to reduce storage space andcommunication overhead. Regarding the security and privacy, many existing secure deduplication schemes generally focuson achieving the following properties: data confidentiality, tag consistency, access control and resistance to brute-forceattacks. However, as far as we know, none of them can achieve these four requirements at the same time. To overcome thisshortcoming, in this paper, we propose an efficient secure deduplication scheme that supports user-defined access control.Specifically, by allowing only the cloud service provider to authorize data access on behalf of data owners, our scheme canmaximally eliminate duplicates without violating the security and privacy of cloud users. Detailed security analysis showsthat our authorized secure deduplication scheme achieves data confidentiality and tag consistency while resisting bruteforce attacks. Furthermore, extensive simulations demonstrate that our scheme outperforms the existing competingschemes, in terms of computational, communication and storage overheads as well as the effectiveness of deduplicationKeywords: Cloud storage, Deduplication scheme, Data access, secure system