Trusted cloud architecture provides secure and trustworthy execution environment for cloud computing users, which protects the private data's computing and storage security. However, with the rapid development of mobile cloud computing, there is currently still no secure solution for mobile terminals accessing trusted cloud architecture. Aiming at the above issues, a secure access scheme of cloud services for trusted mobile terminals is proposed. The program fully considers the background of mobile cloud computing applications, uses ARM TrustZone hardware-based isolation technology to build a trusted mobile terminal that could protect cloud service customers and security-sensitive operations on the terminal from malicious attacks. Physical unclonable function (PUF), the key and sensitive data management mechanism is put forward. The secure access protocol is designed based on the trusted mobile terminal and by employing trusted computing technology. The protocol is compatible with trusted cloud architecture and establishes end-to-end authenticated channel between cloud server and the mobile client. Six security properties of the scheme are analyzed and a scenario-based mobile cloud storage example is presented. Finally a prototype system is implement. Experimental results show that the proposed scheme has good expandability and secure controllability. Moreover, the scheme achieves small TCB((trusted computing base) for mobile terminal and high operating efficiency for cloud users.