In Internet of Things (IoT) era, everybody can access data anytime and anywhere. Information in a data center can be accessed by users using end-user devices such as a laptop, smartphone, and Personal Computer. The data should be secured and cannot be accessed by illegal users from the environment monitoring. To secure and prevent the sensor data from illegal access by the user then it is required a security with a user revocation mechanism. CP-ABE (Ciphertext-Policy Attribute-Based Encryption) becomes a solution for this issue to protect the sensor data and revoke the user. In this paper, we propose a secure system using CP-ABE with user revocation. Our system does not only perform a sensor data encryption, but also revocation to the user. The system experiments showed the practicality of our system for protecting sensor data and user revocation for the users who do not have the access rights.