On EPON security issues

We discuss in detail all major security-related issues inherently present in PON systems. Ethernet PON (EPON) type networks have very specific requirements for data- and system-level security, due to combining - for the first time using Ethernet links ¿ residential and business customers with different security awareness levels and protection demands. Various types of potential network structure targeted attacks are elaborated, starting from simple passive monitoring, through flavors of denial of service (DoS), towards masquerading and theft of service (ToS), presenting a complete and detailed image of security threats in EPONs. Authentication and security mechanisms, as well as their shortcomings, are also briefly examined.

[1]  Jong-Tae Lim,et al.  Dynamic bandwidth allocation algorithm in Ethernet passive optical networks , 2003 .

[2]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[3]  Chan-Hyun Youn,et al.  Dual DEB-GPS Scheduler for Delay-Constraint Applications in Ethernet Passive Optical Networks , 2003 .

[4]  R.S. Tucker,et al.  Optical CSMA/CD media access scheme for Ethernet over passive optical network , 2002, IEEE Photonics Technology Letters.

[5]  M.A. Ali,et al.  A novel decentralized ethernet-based PON access architecture for provisioning differentiated QoS , 2004, Journal of Lightwave Technology.

[6]  Biswanath Mukherjee,et al.  IPACT: A dynamic protocol for an Ethernet PON (EPON) , 2002, IEEE Commun. Mag..

[7]  Song J. Park Analysis of AES Hardware Implementations , 2003 .

[8]  Marek Hajduczenia,et al.  EPON versus APON and GPON: a detailed performance comparison , 2006 .

[9]  Biswanath Mukherjee,et al.  Interleaved Polling with Adaptive Cycle Time (IPACT): A Dynamic Bandwidth Distribution Scheme in an Optical Access Network , 2004, Photonic Network Communications.

[10]  Hiromichi Shinohara Broadband access in Japan: rapidly growing FTTH market , 2005, IEEE Communications Magazine.

[11]  V. O'Byrne,et al.  FTTP deployments in the United States and Japan-equipment choices and service provider imperatives , 2005, Journal of Lightwave Technology.

[12]  Maode Ma,et al.  A bandwidth guaranteed polling MAC protocol for Ethernet passive optical networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[13]  Biswanath Mukherjee,et al.  Fair queueing with service envelopes (FQSE): a cousin-fair hierarchical scheduler for subscriber access networks , 2004, IEEE Journal on Selected Areas in Communications.

[14]  Martin Reisslein,et al.  Ethernet PONs: a survey of dynamic bandwidth allocation (DBA) algorithms , 2004, IEEE Communications Magazine.

[15]  Jae-Doo Huh,et al.  Dynamic Bandwidth Allocation Algorithm for Multimedia Services over Ethernet PONs , 2002 .

[16]  H. Shinohara NTT's deployment of FTTH services , 2004, Optical Fiber Communication Conference, 2004. OFC 2004.

[17]  Biswanath Mukherjee,et al.  Ethernet passive optical networks , 2005 .