With the dramatically increasing deployment of intelligent devices, the Internet of Things (IoT) has attracted growing attention and developed rapidly. It collects and shares data from the surrounding environment to deliver better IoT services. For data sharing, the publish-subscribe (PS) paradigm provides a loosely coupled and scalable communication model. However, because of its loosely coupled nature, it is vulnerable to many attacks, which pose security threats to the IoT system, and it does not provide basic security mechanisms such as authentication and confidentiality to ensure data security. Thus, to protect system security and users' privacy, this paper presents a secure blockchain-based privacy-preserving access control scheme for PS systems, which adopts fully homomorphic encryption (FHE) to ensure the confidentiality of published events and leverages the ledger to store the large volume of data events and access cross-domain information. Finally, we analyze the correctness and security of our scheme, deploy our proposed prototype system on two computers, and evaluate its performance. The experimental results show that our PS system can efficiently achieve an equilibrium between system cost and security requirements.