The Internet of Things (IoT) has revolutionized various industries by enabling seamless connectivity and data exchange among devices. However, the security and privacy of outsourced IoT data remain critical challenges, especially given the resource constraints of IoT devices. This paper proposes a robust and leakage-resilient access control scheme based on Attribute-Based Encryption (ABE) with partial decryption outsourcing. The proposed scheme minimizes computational overhead on IoT devices by offloading intensive decryption tasks to the cloud, while ensuring resilience against master secret key leakage, side-channel attacks, and other common security threats. Comprehensive security analysis demonstrates the scheme's robustness under standard cryptographic assumptions, and performance evaluations show significant improvements in decryption efficiency, scalability, and computational performance compared to existing solutions. The proposed scheme offers a scalable, efficient, and secure access control framework, making it highly suitable for real-world IoT deployments across domains such as smart healthcare, industrial IoT, and smart cities.