Access control has vital significance in cloud computing, where data files are stored in the cloud server. In current schemes, the cloud server typically needs to consult the backend authorization server, when processing access control request from data users. This will put a heavy burden on the authorization server, and therefore introduce Denial-of-Service attack on it. To address this issue, this paper models the access control requirement in cloud computing, and designs a distributed access control scheme. Its security features and efficiency are analyzed.