Abstract: In this paper, we propose a distributed access control scheme based on controlled object, in which we make all of the nodes manage the user's right to simplify the right management, and adopt different encryption policy according to the ability of the device object to realize high level of control and low consumption of calculation. The analysis shows that proposed scheme can effectively control the user's access based on node's low cost, and mitigate DOS attack and reply attack of users.