
An Access Control Architecture Based on the Antiquity Storage System

Using Key Rotation and TPMs for Encrypted File System Access Control – Based on Antiquity Storage System

Advisor: 曹礎承

Abstract


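As mobile electronic devices become more advanced and networks more widespread, network storage systems have become a popular topic and research direction. Microsoft's recently launched SkyDrive and the much-discussed Google network drive service both show the future importance of network storage services. In academic research, many studies of network storage systems have grown increasingly mature; however, they have also given rise to many security and efficiency issues, and these issues deeply affect how widespread and how practical network storage services can be. Data sharing in particular still leaves much to study, including user access control and key distribution when data is shared. Most current solutions use highly complex algorithms in an attempt to let the data sharer minimize the chance that key material spreads while the data is being shared, but this in turn adds problems of efficiency and practicality.

In view of this, this study proposes encrypting the different versions of data with a key chain. The encryption and decryption speed of the key chain improves the speed of data encryption and decryption, and because a key chain is a series of related keys, it also lets the storage system and its users greatly reduce the number of keys they must store. In addition, to address the security problems caused by simplifying encryption and decryption, this study uses the Trusted Platform Module (TPM) developed by the Trusted Computing Group (TCG) to protect keys in transit and to hide part of the key information. When users obtain shared data, the TPM can perform the decryption, yet the users cannot learn any key information, nor can they share keys with others without authorization. This study divides security into four levels for discussion, uses the methods above to provide a solution for each level, and demonstrates that it provides a faster method at the same security level.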

Parallel Abstract


Abstract. In this thesis, we address the problem of low-efficiency and high-cost access revocation in a distributed storage system. The design of our security model is based on two concepts. First, to reduce the amount of re-encryption, we assume our system is based on lazy revocation. Second, we show how to enhance the security of access control by implementing the current Trusted Platform Module (TPM) 1.2 technology without any assumption of trust in the BIOS, CPU, or OS of the client. We use a version-based archival storage system called Antiquity, which stores each version of a data object in a permanent, read-only form. In addition, we explain how to use key chains (key rotation) for file version control in a distributed storage system based on the concept of ‘one key per new version.’ To strengthen the server's trust in the client, we use the trusted hardware of the TPM for network access control and hide a portion of the key information from users. We evaluate the performance of the implementation using the Antiquity storage system on an IBM laptop embedded with a TPM 1.2 chip, and demonstrate how access revocation security can be enhanced by using trusted computing technology.
