METHOD AND APPARATUS FOR AUTHENTICATION IN PASSIVE OPTICAL NETWORK AND PASSIVE OPTICAL NETWORK

US 20120072973A1
Filed: 11/28/2011
Published: 03/22/2012
Est. Priority Date: 05/28/2009
Status: Abandoned Application

First Claim

Patent Images

1. A method for authentication in a Passive Optical Network (PON), comprising:

receiving, by an Optical Network Unit/Optical Network Terminal (ONU/ONT), a first negotiation message sent by an Optical Line Terminal (OLT), wherein the first negotiation message carries a logic registration ID of the OLT,authenticating, by the ONU/ONT, the OLT according to the logic registration ID of the OLT;

sending, by the ONU/ONT, a second negotiation message to the OLT, wherein the second negotiation message carries a logic registration ID of the ONU/ONT, the logic registration ID of the ONU/ONT is used to enable the OLT to authenticates the ONU/ONT; and

receiving, by the ONU/ONT, a terminal identifier sent by the OLT, wherein the terminal identifier is allocated for the ONU/ONT after both the authentication on the ONU/ONT and the authentication on the OLT succeed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The embodiments of the present disclosure provide a method and an apparatus for authentication in a Passive Optical Network (PON), and a PON. The method includes: receiving, by an Optical Network Unit/Optical Network Terminal (ONU/ONT), a first negotiation message sent by an Optical Line Terminal (OLT), and authenticating the OLT according to a logic registration ID of the OLT; sending, by the ONU/ONT, a second negotiation message to the OLT, the logic registration ID of the ONU/ONT is used to enable the OLT to authenticate the ONU/ONT according to a logic registration ID of the ONU/ONT, and allocates a terminal identifier for the ONU/ONT after the authentication succeeds. In the embodiments of the present disclosure, the OLT and the ONU/ONT are authenticated through the logic registration IDs, thus eliminating security threats in the authentication process.

Citations

20 Claims

1. A method for authentication in a Passive Optical Network (PON), comprising:
- receiving, by an Optical Network Unit/Optical Network Terminal (ONU/ONT), a first negotiation message sent by an Optical Line Terminal (OLT), wherein the first negotiation message carries a logic registration ID of the OLT,authenticating, by the ONU/ONT, the OLT according to the logic registration ID of the OLT;
  
  sending, by the ONU/ONT, a second negotiation message to the OLT, wherein the second negotiation message carries a logic registration ID of the ONU/ONT, the logic registration ID of the ONU/ONT is used to enable the OLT to authenticates the ONU/ONT; and
  
  receiving, by the ONU/ONT, a terminal identifier sent by the OLT, wherein the terminal identifier is allocated for the ONU/ONT after both the authentication on the ONU/ONT and the authentication on the OLT succeed.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, further comprising:
    - authenticating, by the OLT, the ONU/ONT according to the logic registration ID of the ONU/ONT and one of information stored on the OLT and remote server interaction information.
  - 3. The method according to claim 2, further comprising:
    - receiving, by the ONU/ONT, a request message sent by the OLT for reporting a Serial Number (SN) before the ONU/ONT receives the first negotiation message sent by the OLT, andsending, by the ONU/ONT, a first authentication request to the OLT upon receiving the request message for reporting the SN,wherein the first authentication request is configured to request authentication on the OLT, and the first negotiation message received by the ONU/ONT from the OLT is an authentication response that carries the logic registration ID of the OLT.
  - 4. The method according to claim 2, further comprising:
    - reporting, by the ONU/ONT, the SN of the ONU/ONT to the OLT after the ONU/ONT authenticates the OLT successfully.
  - 5. The method according to claim 4, wherein the SN of the ONU/ONT is carried in the second negotiation message.
  - 6. The method according to claim 1, wherein the logic registration ID of the OLT comprises:
    - a device type of the OLT, version information of the OLT, a Media Access Control (MAC) address of the OLT, PON port information of the OLT, or function information of the OLT, or any combination thereof.
  - 7. The method according to claim 1, wherein the authenticating, by the ONU/ONT, the OLT according to the logic registration ID of the OLT comprises:
    - extracting, by the ONU/ONT, the logic registration ID of the OLT from the first negotiation message; and
      
      matching, by the ONU/ONT, the logic registration ID o f the OLT with pre-stored logic registration IDs of OLTs authorized for access; and
      
      determining, by the ONU/ONT, that the authentication succeeds upon a condition that the logic registration ID of the OLT matches one of the pre-stored logic registration IDs.

8. A Passive Optical Network (PON), comprising an optical line terminal (OLT) and an Optical Network Unit/Optical Network Terminal (ONU/ONT):
- wherein the ONU/ONT is configured to receive a first negotiation message sent by the OLT and carrying a logic registration ID of the OLT, and authenticate the OLT according to the logic registration ID of the OLT; and
  
  the OLT is configured to receive a second negotiation message sent by the ONU/ONT and carrying a logic registration ID of the ONU/ONT, authenticate the ONU/ONT according to the logic registration ID of the ONU/ONT, and send a terminal identifier to the ONU/ONT, wherein the terminal identifier is allocated for the ONU/ONT after both the authentication on the ONU/ONT and the authentication on the OLT succeed.
- View Dependent Claims (9, 10, 11)
- - 9. The PON according to claim 8, wherein:
    - the OLT authenticates the ONU/ONT according to the logic registration ID of the ONU/ONT and one of information stored on the OLT and remote server interaction information.
  - 10. The PON according to claim 8, wherein:
    - the first negotiation message is a request message that instructs the ONU/ONT to report a Serial Number (SN); and
      
      the second negotiation message carries the SN of the ONU/ONT.
  - 11. The PON according to claim 8, wherein:
    - the logic registration ID of the OLT comprises;
      
      a device type of the OLT, version information of the OLT, a Media Access Control (MAC) address of the OLT, PON port information of the OLT, or function information of the OLT, or any combination thereof; and
      
      the logic registration ID of the ONU/ONT comprises;
      
      a device type of the ONU/ONT, version information of the ONU/ONT, a MAC address of the ONU/ONT, or function information of the ONU/ONT, or any combination thereof.

12. An Optical Network Unit/Optical Network Terminal (ONU/ONT), comprising:
- a logic registration ID receiving module, configured to receive a first negotiation message sent by an OLT and carrying a logic registration ID of the OLT;
  
  a matching module, configured to match the logic registration ID of the OLT received by the receiving module with logic registration IDs of OLTs authorized for access;
  
  a logic registration ID sending module, configured to send a second negotiation message which carries a logic registration ID of the ONU/ONT to the OLT, wherein the logic registration ID of the ONU/ONT is used to enable the OLT to authenticates the ONU/ONT; and
  
  a terminal identifier receiving module, configured to receive a terminal identifier allocated for the ONU/ONT, wherein the terminal identifier is sent by the OLT after both the authentication on the ONU/ONT and the authentication on the OLT succeed.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The ONU/ONT according to claim 12, wherein the ONU/ONT further comprises an authenticating module, configured to send an authentication request to the OLT to request the logic registration ID of the OLT.
  - 14. The ONU/ONT according to claim 12, wherein:
    - the logic registration ID of the OLT comprises;
      
      a device type of the OLT, version information of the OLT, a Media Access Control (MAC) address of the OLT, PON port information of the OLT, or function information of the OLT, or any combination thereof.
  - 15. The ONU/ONT according to claim 12, further comprising:
    - a storage module, configured to store logic the registration IDs of Optical Line Terminals (OLTs) authorized for access and the logic registration ID of the ONU/ONT.
  - 16. The ONU/ONT according to claim 12, wherein the first negotiation message is a request message that instructs the ONU/ONT to report a Serial Number (SN), and the second negotiation message carries the SN of the ONU/ONT.

17. An Optical Line Terminal (OLT), comprising:
- a logic registration ID sending module, configured to send a first negotiation message carrying a logic registration ID of the OLT to an Optical Network Unit/Optical Network Terminal (ONU/ONT), the logic registration ID of the OLT is used to enable the ONU/ONT authenticates the OLT;
  
  a logic registration ID receiving module, configured to receive a second negotiation message carrying a logic registration ID of the ONU/ONT, wherein the second negotiation message is returned by the ONU/ONT after the ONU/ONT succeeds in authenticating the OLT according to the logic registration ID of the OLT;
  
  an authenticating module, configured to;
  
  authenticate the ONU/ONT according to the logic registration ID of the ONU/ONT in the second negotiation message; and
  
  a terminal identifier allocating module, configured to allocate a terminal identifier for the ONU/ONT after the authenticating module determining that the authentication on the OLT succeeds, and send the allocated terminal identifier to the ONU/ONT.
- View Dependent Claims (18, 19, 20)
- - 18. The OLT according to claim 17, further comprising:
    - a storage module configured to store logic registration ID of legal ONU/ONTs, and the authenticating module matches the logic registration ID of the ONU/ONT in the second negotiation message with the logic registration IDs of legal ONU/ONTs stored in the storage module, and determine that the authentication on the OLT succeeds if the logic registration IDs match.
  - 19. The OLT according to claim 17, wherein:
    - the logic registration ID of the OLT comprises;
      
      a device type of the OLT, version information of the OLT, a Media Access Control (MAC) address of the OLT, PON port information of the OLT, or function information of the OLT, or any combination thereof.
  - 20. The OLT according to claim 17, wherein the first negotiation message is a request message that instructs the ONU/ONT to report a Serial Number (SN), and the second negotiation message carries the SN of the ONU/ONT.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Gao, Bo, Lin, Wei

Application Number

US13/305,421
Publication Number

US 20120072973A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/0869   for achieving mutual authen...

H04L 9/3273   for mutual authentication n...

H04Q 11/0067   Provisions for optical acce...

H04Q 2011/0079   Operation or maintenance as...

H04Q 2011/0088   Signalling aspects

METHOD AND APPARATUS FOR AUTHENTICATION IN PASSIVE OPTICAL NETWORK AND PASSIVE OPTICAL NETWORK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR AUTHENTICATION IN PASSIVE OPTICAL NETWORK AND PASSIVE OPTICAL NETWORK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links