Data privacy protection in cloud computing environment faces severe challenges, and traditional encryption techniques are difficult to meet the flexible access control requirements. In this study, a cloud computing data protection scheme that integrates attribute-based encryption and access control mechanism is proposed to solve the problem of data security and access control in cloud storage environment. Methodologically, the CP-ABE encryption technique is used in combination with the XACML access control framework to construct a protection mechanism that contains three key phases: system initialization, data storage and data access. The experimental analysis shows that the CP-ABE scheme shows a significant advantage when the number of attributes increases, and the average number of pseudo-tuples increases from 1.5 to 2.25 when the number of attributes increases from 3 to 4. The performance test shows that in the policy attribute revocation scenario, the CP-ABE scheme reduces the computational overhead at the data owner side, and the average number of pseudo-tuples significantly decreases when the number of tuples increases from 1k to 4k, and the average number of pseudo-tuples decreases from 7.6 to 0.94.The CP-ABE scheme with the introduction of joint attributes not only reduces the computational burden on the data owner, but also significantly reduces the overall computational overhead when accessing more attributes of the structural tree, and at the same time ensures the forward and backward security of the data, which realizes the efficient protection and flexible access control of the data in the cloud environment.