New Security Improvements in Next-Generation Passive Optical Networks Stage 2
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F19%3APU133725" target="_blank" >RIV/00216305:26220/19:PU133725 - isvavai.cz</a>
Alternative codes found
RIV/63839172:_____/19:10133195 RIV/61989100:27740/19:10243821
Result on the web
<a href="https://www.mdpi.com/2076-3417/9/20/4430" target="_blank" >https://www.mdpi.com/2076-3417/9/20/4430</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.3390/app9204430" target="_blank" >10.3390/app9204430</a>
Alternative languages
Result language
angličtina
Original language name
New Security Improvements in Next-Generation Passive Optical Networks Stage 2
Original language description
Passive optical networks are currently the most promising solution for access networks. These networks rely on broadcast signal distribution in the downstream direction and unicast signal transmission in the upstream direction. The upstream direction is controlled by optical line termination (OLT). The broadcast transmission method increases security vulnerability because the attacker is able to connect his/her modified optical network unit (ONU) to the free port of the splitter (commonly in the basement). We present the concept for the activation process of ONUs based on physical unclonable function (PUF) for next-generation passive optical networks stage 2 (NG-PON2). The use of PUF increases security in the NG-PON2. Furthermore, the registration identifier (ID) is not stored in a nonvolatile memory, in comparison with the common solution defined by the International Telecommunication Union (ITU) recommendation G.989.3. An attacker cannot perform a reverse engineering attack to obtain the registration ID. For this reason, the attacker cannot clone an ONU. We proposed security improvements that involve authentication, encryption, integrity protection, and data origin verification methods in the NG-PON2. Our model uses the standard implementation of the transmission convergence layer of NG-PON2 with the new physical layer operations, administration, and maintenance (PLOAM) messages. The recommendation G.989.3 allows specifying own PLOAM messages since not all IDs are used in the current specification.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
20203 - Telecommunications
Result continuities
Project
<a href="/en/project/VI20172019072" target="_blank" >VI20172019072: Detection of security threats on the active components of critical infrastructures</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2019
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Applied Sciences - Basel
ISSN
2076-3417
e-ISSN
—
Volume of the periodical
9
Issue of the periodical within the volume
20
Country of publishing house
CH - SWITZERLAND
Number of pages
16
Pages from-to
1-16
UT code for WoS article
000496269400233
EID of the result in the Scopus database
2-s2.0-85074207887