Sensing-as-a-Service model provides the platform for data (or device) owners to sell their data to consumers (or buyers) with the help of middle men. The nature of entities involved in this model makes it difficult for the data owners to provide data security and efficient access control. To overcome these issues in Sensing-as-a-Service model, we propose an attribute based access control mechanism using which the data owners can ensure security of sensed or gathered data (irrespective of where it is stored either on a stand alone server or cloud server) as well as efficient access control. With an example it is explained how the data owners in cyber physical systems can specify decentralized access permission and secure their data using the proposed model. Also, the proposed model provides read only access to data buyers. Computation complexity of proposed scheme in offering Sensing-as-a-Service is also discussed. © 2018 IEEE.