Recently, cloud computing has drawn much attention from research and industrial communities. With adoption of cloud computing, data providers can reap huge economic benefits by outsourcing their data to cloud. Because of serious privacy concerns, sensitive data should be encrypted before being outsourced. In order to share the encrypted and outsourced data, data providers need to distribute different keys to legal users. Thus, in the scenario of multiple data providers, a legal user may receive lots of keys from different providers and suffer from heavy burden from key management. In this paper, we proposed an identity-based key management scheme, which can let a legal user only maintain a single root key regardless of the number of data providers. Based on the root key, a legal user can derive different resource keys to decrypt ciphertexts from different data providers. With the help of outsourcing decryption technique, a legal user could reduce the decryption overhead by outsourcing some decryption work to cloud. We proofed the correctness and analyzed the security of the proposed scheme, further implemented the proposed scheme, and conducted extensive experiments. The results demonstrate the efficiency and practicality of our scheme.