摘要
从整个EPON接入网层面全面分析了EPON系统存在的设备、链路和业务3个方面的安全威胁,并据此提出了EPON系统安全的5个主要目标。在对设备的控制功能、设备的接入认证和广播风暴的抑制等进行深入研究后,创新性地提出分3个层次对链路安全进行分析的模型,并重点研究了搅动算法和高级加密算法(AES)在EPON系统内的实现方式,其中涉及算法模式的选择、密钥的产生和同步机制等方面;最后对业务安全进行了研究,对受到普遍关注的组播业务源和ONU端口组播业务的安全给出了高效的解决方案。
From the view of the whole EPON access networks, the security of equipment level, link level and service level in EPON system are studied, and it proposes five security goals in EPON system. After the investigation to equipment's control function, ONU access authentication and broadcast storm suppression, it innovatively proposes a model which could analyze the link security from three levels. Furthermore, it studies on the implementation details of ITUT Churning and Advance Encryption Algorithm (AES) in EPON, which involves encryption mode selection, key generation and key synchronization. At last, it discusses the service security and gives an effective solution to the security of multicast service source control and ONU port multicast service management mechanism.
出处
《重庆邮电学院学报(自然科学版)》
2006年第5期553-557,共5页
Journal of Chongqing University of Posts and Telecommunications(Natural Sciences Edition)
基金
国家"863"计划资助项目(2004AA122310)
