Of course, faking LLID and transmitting frames at a random moment in time is no
good since the upstream channel is slotted and access time is strictly supervised by the
central OLT controller. Thus, such an impersonator must also have the capability to
passively monitor all downstream traffic, filter incoming data streams against LLIDs,
and, in particular, track and decode GATE MPCPDUs, which carry the scheduled
transmission windows, namely their start times and sizes. ToS and masquerading
attacks are typically hard to detect once under way because a malicious user is perceived
as a legitimate one, and the EPON system cannot properly identify a security breach
in this case.
Proposed Security Mechanisms for EPONs
A number of security mechanisms have been proposed for EPONs, ranging from simple and
straightforward subscriber payload protection using standard AES encryption (with either
128- or 256-bit keys), through solutions based on periodic key churning [19, 20], to
proposals to use complex authentication servers (RADIUS [19, 21]) and higher-level
security mechanisms (IPsec [22], for example).
It is clear that link-layer security should be provided for a number of reasons:
– Because most of the existing higher-level protocols assume, by default, that the
link layer provides a secure transmission channel, it is expected that EPONs provide
inherent subscriber security mechanisms at Layer 2, without the need to
employ any solutions at Layer 3 and above.