This paper presents a privacy-preserving attribute distribution mechanism for an identity federation framework. Attribute-based access control (ABAC) is a highly flexible and scalable access control scheme which can deal with diverse security requirements in grid environment. However, in ABAC the user attributes delivered by the Identity Providers for authorization decisions may cause some privacy violation. We developed an attribute release control scheme that can improve the privacy protection capability of the current security systems in grids. The Shibboleth identity provider, GridShib, and Globus toolkit are used for our implementation.