Next Article in Journal
End-To-End Controls Using K-Means Algorithm for 360-Degree Video Control Method on Omnidirectional Camera-Equipped Autonomous Micro Unmanned Aircraft Systems
Next Article in Special Issue
Pavement Distress Detection with Deep Learning Using the Orthoframes Acquired by a Mobile Mapping System
Previous Article in Journal
Sample Reduction Strategies for Protein Secondary Structure Prediction
Open AccessArticle

New Security Improvements in Next-Generation Passive Optical Networks Stage 2

by 1,2,*,‡, 1,3,‡, 1,3,‡ and 1,‡
1
Department of Telecommunication, Brno University of Technology, Technicka 12, 616 00 Brno, Czech Republic
2
IT4Innovations, VSB–Technical University of Ostrava, 17. listopadu 15/2175, 708 33 Ostrava-Poruba, Czech Republic
3
Department of Optical Networks, CESNET a.l.e., Zikova 4, 160 00 Prague, Czech Republic
*
Author to whom correspondence should be addressed.
This paper is an extended version of our paper published in 2019 42nd International Conference on Telecommunications and Signal Processing (TSP).
These authors contributed equally to this work.
Appl. Sci. 2019, 9(20), 4430; https://doi.org/10.3390/app9204430
Received: 16 September 2019 / Revised: 11 October 2019 / Accepted: 15 October 2019 / Published: 18 October 2019
Passive optical networks are currently the most promising solution for access networks. These networks rely on broadcast signal distribution in the downstream direction and unicast signal transmission in the upstream direction. The upstream direction is controlled by optical line termination (OLT). The broadcast transmission method increases security vulnerability because the attacker is able to connect his/her modified optical network unit (ONU) to the free port of the splitter (commonly in the basement). We present the concept for the activation process of ONUs based on physical unclonable function (PUF) for next-generation passive optical networks stage 2 (NG-PON2). The use of PUF increases security in the NG-PON2. Furthermore, the registration identifier (ID) is not stored in a nonvolatile memory, in comparison with the common solution defined by the International Telecommunication Union (ITU) recommendation G.989.3. An attacker cannot perform a reverse engineering attack to obtain the registration ID. For this reason, the attacker cannot clone an ONU. We proposed security improvements that involve authentication, encryption, integrity protection, and data origin verification methods in the NG-PON2. Our model uses the standard implementation of the transmission convergence layer of NG-PON2 with the new physical layer operations, administration, and maintenance (PLOAM) messages. The recommendation G.989.3 allows specifying own PLOAM messages since not all IDs are used in the current specification. View Full-Text
Keywords: NG-PON2; physical unclonable function; transmission convergence layer; PLOAM messages; security NG-PON2; physical unclonable function; transmission convergence layer; PLOAM messages; security
Show Figures

Figure 1

MDPI and ACS Style

Clupek, V.; Horvath, T.; Munster, P.; Oujezsky, V. New Security Improvements in Next-Generation Passive Optical Networks Stage 2 . Appl. Sci. 2019, 9, 4430.

AMA Style

Clupek V, Horvath T, Munster P, Oujezsky V. New Security Improvements in Next-Generation Passive Optical Networks Stage 2 . Applied Sciences. 2019; 9(20):4430.

Chicago/Turabian Style

Clupek, Vlastimil; Horvath, Tomas; Munster, Petr; Oujezsky, Vaclav. 2019. "New Security Improvements in Next-Generation Passive Optical Networks Stage 2 " Appl. Sci. 9, no. 20: 4430.

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop