In this paper we present an identity-set-based broadcast encryption scheme with three working modes: set membership (Include-mode), all member (All-mode), and negative membership (Exclude-mode) over the user identity set, simultaneously. The core of our scheme is the implementation of cryptographic representation of subset by using two aggregation functions: Zeros-based aggregation and Poles-based aggregation. These two aggregation functions are capable of compressing any subset into one element in a bilinear map group for determining the membership between an element and a subset. Our scheme achieves the optimal bound of O(1)-size for either ciphertext (consisting of just two elements) or decryption key (one element) for an identity set of large size. We prove that our scheme is secure under the General Diffie-Hellman Exponent (GDHE) assumption. Keywords Broadcast Encryption, Cryptographic Membership, Aggregation Function