Abstract-Authentication and key management are the key challenges in the cloud environment while exchanging the confidential information. It requires a lightweight key management protocol for communication in the cloud environment. This paper presents a lightweight hybrid key management scheme for improved data security in the cloud computing environment. A Third Party Auditor (TPA) ensures secure data communication between the data owner and cloud service provider using the proposed key management scheme. The hybrid scheme is developed by combining identity-oriented key management and pairwise probabilistic key pre-distribution schemes. The lightweight two-level session key is generated using the Hash Message Authentication Code (HMAC) and Exclusive OR (XOR) operations. It involves two level of session key establishment to reinforce the key against the traffic analysis attack. The Advanced Encryption Standard (AES) key and session key are required to download and decrypt the file. The cloud server schedules the tasks to the Virtual Machines (VMs) by applying the Genetic Algorithm (GA). The experimental analysis shows that the proposed key management scheme requires lower minimum key size, energy consumption, file uploading time, file downloading time and encryption time than the existing schemes. Keyword-Advanced Encryption Standard (AES) algorithm, Cloud Computing, Genetic Algorithm (GA), Lightweight Key Management, Third Party Auditor, Two-level Session Key I. INTRODUCTION With the rapid increase in the data sharing across the Internet, the cloud computing system is frequently used in the multiple data owner scenario. The cloud computing system offers various types of services. Platform as a Service (PaaS) is a cloud-based service that provides more choices to the subscriber for choosing the computing platform. Infrastructure as a Service (IaaS) provides the same features as the PaaS, but the customer is completely responsible for controlling the rented infrastructure. Software as a Service (SaaS) allows the business enterprises to access the functionality at a lower cost than the cost of licensed applications, as the SaaS pricing is based on a monthly fee. Due to the remote hosting of the software, the users do not need to invest in the additional hardware. The SaaS reduces the effort of installation, setup and maintenance by the business enterprises. Hence, it is referred as simply hosted applications.The data owner can upload the data to the cloud service provider and access the stored data using the software provided by the service provider. As the data received from the data owner is not enough to fill the storage space of the server, it leads to a lot of storage waste. The data received from different data owners is stored in the same server to increase the utilization rate of server storage space. There is a need to protect the confidential data for preventing the theft of confidential data by unauthorized person or other data owners. Hence, the confidential data is encrypted and stored. The data owner...