In　this　paper,　we　propose　a　revocable　and　privacy-preserving　bilateral　access　control　scheme　(named　PriBAC)　for　general　cloud　data　sharing　(i.e.,　end-cloud-based　data　sharing).　PriBAC　ensures　that　preference　matching　is　successful　only　when　both　parties＇　preferences　are　satisfied　simultaneously.　Otherwise,　nothing　is　leaked　beyond　whether　the　preference　matching　occurs.　There　are　three　challenges　in　designing　PriBAC.　The　first　challenge　is　protecting　matching　information,　i.e.,　concealing　two　preference　matching　processes,　in　a　single　cloud　server.　The　second　challenge　is　protecting　preference　content　while　preventing　receivers　from　receiving　much　useless　information.　The　third　challenge　is　how　to　integrate　efficient　user　revocation　mechanisms　into　bilateral　access　control　to　handle　frequent　user　revocation　cases　in　practical　cloud　data　sharing　applications.　To　address　the　above　challenges,　the　punchline　in　PriBAC　is　to　leverage　Newton＇s　interpolation　formula-based　secret　sharing　to　enrich　the　matchmaking　encryption　technique　for　constructing　a　privacy-preserving　preference　matching　mechanism.　To　achieve　efficient　user　revocation,　we　integrate　a　unique　symbol　into　each　user＇s　keys　and　efficiently　revoke　users　by　invaliding　the　corresponding　keys.　Security　analysis　proves　that　PriBAC　can　resist　the　chosen-ciphertext　attack　and　preserves　preference　privacy　and　matching　privacy.　Experiments　show　that　PriBAC　achieves　approximately　3times　user　performance　improvement　compared　with　current　state-of-the-art　related　schemes.　©　2005-2012　IEEE.