This　paper　describes　a　trusted　update　mechanism　of　node　authorization　based　on　proxy　re-encrypted　in　IoT　cloud.　It　defines　that　the　system　consists　of　IoT　data　server,　node　authorization　management　server,　re-encrypted　proxy　server　and　working　node.　The　data　is　generated　by　trusted　IoT　data　server　through　wireless　sensor　network.　The　network　publishes　to　the　node,　which　requires　the　node　to　register　in　the　node　authorization　management　server.　The　registered　node　will　obtain　the　ciphertext　data　in　the　re-encrypted　proxy　server　in　the　cloud,　and　obtain　the　decryption　parameters　in　the　node　authorization　management　server　for　data　decryption.　This　paper　designs　a　secure　and　efficient　cloud　data　sharing　protocol,　which　satisfies　the　security　of　adaptive　selection　ciphertext,　ensures　the　security　of　data　storage　and　sharing,　and　also　has　the　characteristics　of　unidirectionality,　universality,　non-interaction,　non-transferability　and　anti-collusion　attack.　This　paper　also　analyzes　the　computing　and　communication　costs　of　data　owners,　cloud　service　provider　(CSP)　and　data　receivers　under　the　data　sharing　protocol.　The　results　show　that　in　the　cloud　data　sharing　protocol　based　on　this　scheme,　the　data　owner’s　one-time　communication　cost　is　2368　bits,　which　is　better　than　several　comparison　schemes　and　can　meet　the　practical　application　requirements.　©　2020,　ICIC　International.