As a large quantity of information is represented in XML format on the Web, there are increasing demands for XML security. Until now research on XML security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex, however, XML security comes to involve not only network security but also managerial security. But XML encryption support only simple network security. So it cannot support multiple users and multiple access control policy. In this paper, an integration method of encryption and access control policy for securing XML documents is proposed. This methodology can support multiple authorizations of multiple users with integrating access control.