In the future, more and more services will be supplied over networks, which can bring end users great pleasure and convenience. It can become true if service providers can benefit from these services. For this purpose, authentication, authorization and accounting or AAA for short is needed. Unfortunately, current AAA architectures are designed without especially considering deploying new services for service providers and consuming various services for end users. In other words, these AAA architectures are not designed from aspects of service providers and service consumers both. To remedy this problem, a novel Service-Oriented AAA architecture is proposed in this paper. It introduces a novel AAA component named AAA Agent, which resides in service equipments as a logical component. AAA Agent provides a standard interface for the component that provides a specific service, namely service -providing server, and the interface has nothing to do with AAA details. It is AAA Agent that deals with all AAA affairs for the service-proving server. Therefore all AAA details are hidden from service-proving sever. Besides, a user credential mechanism is also proposed to enable users to roam among various services seamlessly only if they have rights. In a word, the proposed Service-Oriented AAA architecture is a novel AAA architecture that enables service providers to deploy new services easily and helps users to enjoy different services conveniently.
