XML is a global standard for the Internet and e-business, and its use is growing in proportion to the spreading speed of e-commerce. Thus, a policy for providing a safer security service for exchanging e-documents within e-commerce is necessary. XKMS (XML key management specification), one of XML's security specifications, defines the protocol for distributing and registering public keys for verifying digital signatures and enciphering e-documents of e-commerce applications with various and complicated functions. This paper presents an XKMS-based key management system architecture and a service model using Java crypto technologies and XML security mechanisms.