In this abstract, we propose a shared authority based privacy preserving authentication protocol (SAPA) for the cloud data storage, which realizes authentication and authorization without compromising a user’s private information. The main contributions are as follows. 1) Identify a new privacy challenge in cloud storage, and address a subtle privacy issue during a user challenging the cloud server for data sharing, in which the challenged request itself cannot reveal the user’s privacy no matter whether or not it can obtain the access authority. 2) Propose an authentication protocol to enhance a user’s access request related privacy, and the shared access authority is achieved by anonymous access request matching mechanism. 3) Apply cipher text-policy attribute based access control to realize that a user can reliably access its own data fields, and adopt the proxy re-encryption to provide temp authorized data sharing among multiple users.