In this paper,the differences between PKI and identity-based encryption(IBE)are firstly analyzed,and the advantages of building XKMS infrastructure for IBE are in detail discussed. An XKMS-like service architecture for IBE, named IBE-XKMS, is then proposed, and the modules of system management, identity authentication, key generation and key management are designed, as well as the service component logic relationships are described. Next, the key management service interfaces of four categories are proposed. Besides the basic XKMS services, IBE-XKMS also provides two types of key involved operations to implement the IBE encryption envelope and signature service, which can be utilized to develop some IBE-enabled secure web application without code on client. It is noted that IBE-XKMS provides a service framework with full IBE application supported for the next generation network of web service. At last, a prototype of IBE-XKMS is developed, on which the tests on the service response performance and the SOAP message communication cost are conducted, comparing with that of PKI-enabled XKMS.