In this paper, we introduce the concept of oblivious transfer with threshold access control. Namely, for each message in a database, the server associates an attribute set τ with it such that the message can only be available, on request, to the users who possess at least t attributes out of τ. Meanwhile, after the server and users execute the protocol, the server will not learn anything about the identities, attributes or message choices of the users. The essential idea of “threshold” access control is to define the minimum number of attributes from a given set of attributes that users have to possess in order to obtain the message. Combining Sahai and Waters’ fuzzy identity-based encryption with a credential signature scheme, we present a concrete construction for the oblivious transfer with threshold access control which is proved secure in the standard model.