This document proposes a scheme for secure key distribution without requiring secure communication channels. The scheme allows users to securely obtain private keys from a group manager to access cloud resources. It enables fine-grained access control and ensures revoked users can no longer access the cloud. The scheme is efficient and does not require updates to existing users' private keys when new users join or leave the group.