There are many types of security that have been applied to secure Electronic Commerce nowadays. Mainstream of security depends on equipment-based security mechanisms, which are a concern in terms of security issues as a whole. The necessity of strong security for Electronic Commerce has increased as a result of the whole process and the devices used. This thesis proposes an appropriate security management system for E-Commerce. The idea of QoSS and a Threat-Adaptive Security Policy is examined in detail in order to apply a conceptual approach to the XML document which is a standard data exchange format. An analysis of the existing system is used in order to suggest appropriate next-generation security management for XML document security. This work contributes to expanding existing security management in the XML document area in order to establish a flexible security policy.