This paper proposes an access control mechanism of verifiable cloud computing services using chameleon hashing and Diffie–Hellman key exchange protocol. By this mechanism, an entity can apply for cloud computing services and he can authorize other users to access granted data or services. When an authorized user or entity wants to access cloud computing services, he can authenticate the cloud computing service provider. Moreover, no entity secret will be revealed by data kept by cloud servers such that security and cost saving can be both ensured. Security proof under the simulation paradigm is also given.