CN101478702B - Terminal detection authentication method, apparatus and operation management system in passive optical network - Google Patents

Terminal detection authentication method, apparatus and operation management system in passive optical network Download PDF

Info

Publication number
CN101478702B
CN101478702B CN2008101896355A CN200810189635A CN101478702B CN 101478702 B CN101478702 B CN 101478702B CN 2008101896355 A CN2008101896355 A CN 2008101896355A CN 200810189635 A CN200810189635 A CN 200810189635A CN 101478702 B CN101478702 B CN 101478702B
Authority
CN
China
Prior art keywords
terminal
code
onu
local side
logic poll
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2008101896355A
Other languages
Chinese (zh)
Other versions
CN101478702A (en
Inventor
吴炜
高海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN2008101896355A priority Critical patent/CN101478702B/en
Publication of CN101478702A publication Critical patent/CN101478702A/en
Application granted granted Critical
Publication of CN101478702B publication Critical patent/CN101478702B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The present invention provides a terminal detecting authentication method, a device and an operation management system in passive optical network. The method comprises the following steps: receiving the logic registration code which is possessed by the terminal and is transmitted by the terminal by a local terminal, confirming the terminal to a legal terminal after confirming that the logic registration code of terminal is matched with the logic registration code stored at the local terminal; recording the terminal sequence code obtained from the legal terminal by the local terminal, and recording as the terminal identification which is allocated to the legal terminal. The execution mode of the invention does not require configuring the terminal sequence code at the local terminal in a static state. The cost for maintaining local terminal and terminal is reduced. The flexibility of local detection and authentication is increased. The maintainability of local terminal and terminal is also increased.

Description

Terminal detection authentication method in the EPON, device and Operational Management System
Technical field
The present invention relates to the network communications technology field, be specifically related to terminal detection authentication method, device and Operational Management System in a kind of EPON.
Background technology
PON (Passive Optical Network, EPON) technology is the optical fiber access technology of a kind of point to multiple spot.PON is generally by OLT (the Optical Line Terminal of office's side; Optical line terminal), ONU/ONT of user side (Optical Network Unit/Optical Network Terminal, network unit/optical network terminal) and ODN (Optical Distribution Network) form.The PON port of OLT can insert a plurality of ONU/ONT.
At present, the detection of ONU/ONT and authentication method are in the registration process of ONU/ONT, to realize, the register flow path of ONU/ONT is shown in accompanying drawing 1.
Among Fig. 1, step 1, OLT send the information that request ONU/ONT reports SN (SerialNumber, sequence code) to each ONU/ONT.
The ONU/ONT of step 2, the above-mentioned information of reception reports the SN of oneself to OLT.
Step 3, OLT receive SN, and SN are detected promptly ONU/ONT is detected.Testing process is: be provided with SN among the OLT in advance, OLT matees SN that receives and pre-configured SN, if coupling, then ONU/ONT detects successfully; If do not match, then ONU/ONT detects failure.OLT distributes ONU-ID according to the corresponding relation of pre-configured SN and ONU-ID for detecting successful ONU/ONT, and the ONU-ID that distributes is sent to ONU/ONT.The ONU-ID here has uniqueness under a PON port.
Step 4, OLT accomplish the range finding of the ONU/ONT that has distributed ONU-ID.
Step 5, OLT send the information that request ONU/ONT reports Password (password) to the ONU/ONT that accomplishes range finding.
Step 6, the request of receiving report the ONU/ONT of the information of Password to report the Password of oneself to OLT.
Step 7, OLT write down from the terminal sequence code that said legal terminal is obtained according to the Pas local side that receives, and the terminal iidentification of said legal terminal distribution given in record.
Embodiment of the present invention also provides a kind of network equipment; Be positioned at passive optical network local side, this network equipment comprises: first memory module is used for the logic poll code of storage terminal; Wherein, Said logic poll code is dynamically generated by said local side, and in the process of user applies business, distributes to ONT Optical Network Terminal by said local side;
Sword carries out authentication to ONU/ONT, and behind authentication success, ONU/ONT succeeds in registration.
In realizing process of the present invention, the inventor finds to exist in the prior art following problem:
In the detection and verification process of above-mentioned ONU/ONT, need the static corresponding relation that SN and ONU-ID are set in OLT in advance, therefore, OLT can not realize automatic detection and the authentication to ONU/ONT, makes the very flexible of detection and the authentication of ONU/ONT.In addition, the SN among the OLT is managed by Operational Management System usually.Operational Management System writes down the SN of the ONU/ONT that provides, and in OLT, carries out the pre-configured of SN when the user provides ONU/ONT; In the time need changing ONU/ONT owing to reasons such as equipment faults, Operational Management System upgrades the SN of its record, and upgrades the SN among the OLT.That is to say that Operational Management System adopts the static management mode to the SN and the SN among the OLT of its record.The static management mode has increased the maintenance cost of Operational Management System, OLT, ONU/ONT, thereby has reduced the maintainability of Operational Management System, OLT and ONU/ONT.
Summary of the invention
Embodiment of the present invention provides terminal detection authentication method, device and the Operational Management System in a kind of EPON, can realize the automatic detection and the authentication at terminal, has improved that the terminal is detected and the maintainability at the flexibility of authentication and local side, terminal.
Terminal detection authentication method in a kind of EPON that embodiment of the present invention provides, the terminal has logic poll code, and said method comprises step:
The logic poll code that the local side receiving terminal sends, wherein, said logic poll code is dynamically generated by said local side, and in the process of user applies business, distributes to said terminal by said local side;
Said local side confirms that said terminal is a legal terminal after the logic poll code coupling of the logic poll code of determining said terminal and local side storage;
Local side writes down from the terminal sequence code that said legal terminal is obtained, and is recorded as the terminal iidentification that said legal terminal is distributed.
Embodiment of the present invention also provides a kind of network equipment; Be positioned at passive optical network local side, this network equipment comprises: first memory module is used for the logic poll code of storage terminal; Wherein, Said logic poll code is dynamically generated by said local side, and in the process of user applies business, distributes to ONT Optical Network Terminal by said local side;
Receiver module is used for logic poll code and terminal sequence code that receiving terminal sends;
Judge module is used for judging whether the logic poll code that the logic poll code that receiver module receives and first memory module are stored matees, and the output judged result;
Distribution module is used to the terminal distribution terminal iidentification, and output;
Second memory module is used for after the judged result information of judge module output coupling, the terminal iidentification of terminal sequence code that the storage receiver module receives and distribution module output.
Embodiment of the present invention also provides a kind of Operational Management System, is positioned at the local side of EPON, and said Operational Management System comprises: the logic poll code module; Be used for the stored logic registration code, be user's assignment logic registration code, and will transfer to optical line terminal for the logic poll code that the user distributes; Wherein, Said logic poll code is dynamically generated by said local side, and in the process of user applies business, distributes to ONT Optical Network Terminal by said local side;
The sequence code module is used to receive the sequence code of the next legal terminal of optical line terminal transmission, and stores.
Embodiment of the present invention also provides a kind of terminal equipment, is positioned at the user side of EPON, and said terminal equipment comprises:
Receive memory module, be used to receive and store the logic poll code of its place terminal equipment of input, wherein, said logic poll code is dynamically generated by local side, and in the process of user applies business, distributes to said terminal equipment by said local side;
Sending module is used for the request according to its place local side of receiving of terminal equipment, sends the logic poll code of storing in the said reception memory module to local side.
Description through technique scheme can be known; Embodiment of the present invention can not need at local side static configuration terminal sequence code; Through in detecting verification process, adopting logic poll code; After authentication was passed through, record was from terminal sequence code that legal terminal is obtained and be recorded as the terminal iidentification that legal terminal is distributed, and makes local side can realize automatic detection and authentication to the terminal; Local side is the terminal iidentification that legal terminal is distributed through sequence code and the local side that record obtains from legal terminal, makes local side carry out dynamic management to terminal sequence code and terminal iidentification, has reduced the maintenance cost at local side and terminal; Thereby improved that the terminal is detected and the maintainability at the flexibility of authentication and local side, terminal through technical scheme provided by the invention.
Description of drawings
Fig. 1 is the register flow path sketch map of ONU/ONT of the prior art;
Fig. 2 is the terminal detection authentication method schematic flow sheet of embodiment of the present invention;
Fig. 3 is the terminal detection authentication method sequential chart one of embodiment of the present invention;
Fig. 4 is the terminal detection authentication method sequential chart two of embodiment of the present invention.
Embodiment
Embodiment of the present invention is to utilize the logic poll code at terminal to realize the automatic detection at terminal and authentication.The terminal that provides in the face of embodiment of the present invention down detects and authentication method is elaborated.
In embodiment of the present invention, terminal such as ONU/ONT are to there being logic poll code.The logic poll code at terminal can be to carry out in the professional application process the user, and local side is a terminal distribution.Local side is after being the terminal distribution logic poll code; Need be recorded as the logic poll code of terminal distribution; For example, the Operational Management System of local side is the terminal distribution logic poll code, and preserves the logic poll code of its distribution; Operational Management System can also transfer to the logic poll code for terminal distribution among the OLT of local side, and OLT stores its logic poll code that receives.Logic poll code can dynamically be generated by local side.And logic poll code has uniqueness certain regional planted agent, and for example, under a PON port, the logic poll code at terminal should have uniqueness.Certainly, the logic poll code at terminal also can have uniqueness in global scope.Embodiment of the present invention is the zone of the logic poll code of limiting terminal with uniqueness not, the also concrete manifestation form of circumscription logic registration code not, and which equipment that does not limit equally by local side generates logic poll code.
In terminal detection and verification process, the terminal should at first obtain its logic poll code, and the logic poll code that gets access to is transferred to local side.The mode that the terminal obtains its logic poll code can receive the logic poll code of outside input for, terminal.For example, the terminal can provide local command line, the Web page or alternate manner to receive the logic poll code of outside input.The terminal also can be according to the information of outside input according to certain predetermined regular formation logic registration code, and the logic poll code that this moment, the terminal generated should be identical with the logic poll code that local side is preserved.Under the situation that the terminal is detected and verification process is accomplished in the endpoint registration process, the terminal can transfer to local side with its logic poll code in registration process.Embodiment of the present invention is not got rid of the possibility that the terminal is detected and verification process is independently realized and the terminal is detected and verification process is realized in other process.
The terminal can adopt existing message that its logic poll code is transferred to local side, and the terminal also can adopt special message for transmission logic registration code redetermination that its logic poll code is transferred to local side.And in the logic poll code transmission course, the terminal can adopt cipher mode to come the transmission logic registration code, also can not adopt cipher mode to come the transmission logic registration code.Embodiment of the present invention does not limit the concrete manifestation form of existing message, does not limit the concrete structure of the message of redetermination yet.
Local side is after receiving the next logic poll code of terminal transmission; The logic poll code of utilizing its logic poll code of storing in advance and terminal transmission is carried out authentication to the terminal, and for example, local side matees logic poll code and its logic poll code of storing in advance that terminal transmission is come; If confirm coupling; Confirm that then the terminal is a legal terminal,, confirm that then the terminal is an illegal terminal if confirm not match.
Local side is when confirming that the terminal is legal terminal, and record is the terminal iidentification that legal terminal is distributed from terminal sequence code and the local side that legal terminal is obtained.In embodiment of the present invention, the terminal sequence code of the legal terminal of local side record is obtained from legal terminal, this shows, embodiment of the present invention need be at the pre-configured terminal of local side sequence code.Though; Embodiment of the present invention need be in the logic poll code at the pre-configured terminal of local side, still, and because failure and other reasons need change the terminal time; Terminal after the replacing still can be used and changed the logic poll code that use at preceding terminal; And local side comes authentication is carried out at the terminal according to logic poll code, and therefore, local side can detect legal terminal automatically, obtain the terminal sequence code and the terminal iidentification of legal terminal automatically; Thereby avoided changing in the terminal procedures the user, local side needs the process of the terminal serial number after static configuration is changed.
The implementation procedure of the terminal iidentification at local side record terminal can have multiple, and for example, local side can confirm that the terminal is the terminal distribution terminal iidentification before being legal terminal, and after confirming that the terminal is legal terminal, writes down the terminal iidentification of this legal terminal; Again for example, local side can confirm that the terminal is the terminal distribution terminal iidentification after being legal terminal, and writes down the terminal iidentification of this legal terminal; Also have, local side can confirm that the terminal is terminal distribution ephemeral terminations sign before being legal terminal, is confirming that the terminal is the formal terminal iidentification of terminal distribution after being legal terminal, and the formal terminal iidentification of record legal terminal.Here the ephemeral terminations sign for terminal distribution can be to realize needs in order to satisfy terminal some in registration process; For example, at the terminal with the logic sign-on ID when reporting the transmission of messages of password, can be at first for terminal distribution ephemeral terminations sign, to accomplish follow-up ranging process, then, the terminal with the transmission of messages of logic sign-on ID through reporting password to local side.
The process of the terminal sequence code of local side record legal terminal can be the terminal sequence code of OLT record legal terminal; Also can for: the miscellaneous equipment of OLT and local side such as Operational Management System all write down the terminal sequence code of legal terminal.OLT can obtain and write down the terminal sequence code of legal terminal through receiving the terminal sequence code that the legal terminal transmission comes.OLT can transfer to the terminal sequence code of the legal terminal of its record other network equipment place such as Operational Management System of local side; Like this, Operational Management System can obtain and write down automatic detected terminal sequence code through the terminal sequence code that receives the next legal terminal of OLT transmission.
Operational Management System can be managed terminal sequence code, the terminal iidentification of its record, and Operational Management System can carry out maintenance management to OLT, terminal etc. according to terminal sequence code, the terminal iidentification of its record.
Below in conjunction with accompanying drawing terminal detection and the authentication method that embodiment of the present invention provides described.
The terminal that embodiment of the present invention provides is detected and the flow process of authentication method is illustrated shown in accompanying drawing 2.
Among Fig. 2; Step 1, Operational Management System generate a logic poll code for the employed ONU/ONT of the user who proposes professional application; And the logic poll code of storage generation, for example, Operational Management System is stored in the logic poll code that generates in the logic poll code database.Operational Management System can generate logic poll code according to certain concrete form, and the concrete form of formation logic registration code can be confirmed by Operational Management System.Operational Management System can guarantee that the logic poll code of its generation has uniqueness under a PON port when the formation logic registration code.
Step 2, Operational Management System are according to the business of user applies, and generation need be the service parameter of ONU/ONT configuration.Operational Management System need be issued to OLT for the service parameter of ONU/ONT configuration and the logic poll code of ONU/ONT.
Step 3, Operational Management System with the logic poll code message transmission of ONU/ONT to the user.
After step 4, ONU/ONT powered on, ONU/ONT received the logic poll code of outside input.For example, ONU/ONT utilizes the modes such as local command line, the Web page or other foreign mediums that himself provide to receive the logic poll code of outside input.
Step 5, ONU/ONT report OLT with logic poll code in registration process.OLT receives the logic poll code that ONU/ONT reports; And the logic poll code that ONU/ONT is reported and the logic poll code of its storage are mated; When confirming the logic poll code coupling of logic poll code that ONU/ONT reports and its storage, authentication success, this ONU/ONT of OLT affirmation is a legal terminal; The OLT record is from the SN of this legal terminal acquisition and the ONU-ID (terminal iidentification) that is recorded as this legal terminal distribution, and OLT successfully detects legal terminal; When confirming that logic poll code that ONU/ONT the reports logic poll code with its storage does not match, authentification failure, OLT confirm that this ONU/ONT is an illegal terminal, to the registration process end at this terminal.
Step 6, after ONU/ONT succeeds in registration, OLT reports to Operational Management System with the terminal SN that the transmission of detected legal terminal comes.OLT also can report to Operational Management System with the corresponding relation of SN and terminal iidentification.
Step 7, its terminal SN that receives of Operational Management System storage for example are stored in terminal SN in the SN database.Operational Management System can carry out maintenance management to OLT, ONU/ONT etc. according to the terminal SN of its storage.
In above-mentioned steps 5, ONU/ONT can come the transmission logic registration code through the Password message that reports in the registration process, and promptly ONU/ONT is carried at logic poll code in the parameter field that reports Password message, and will report the Password information reporting to OLT.Also can be between OLT and the ONU/ONT through the newly-increased request logic poll code message that is provided with, report logic poll code message to come the transmission logic registration code.Newly-increased request logic poll code message, report logic poll code message can all belong to PLOAM (physical layer operations maintenance) message.The concrete structure of two PLOAM message of above-mentioned redetermination can be shown in table 1, table 2.
The PLOAM message of table 1, down direction OLT request logic poll code;
Figure G2008101896355D00081
In the table 1, the 1st byte ONU-ID is used to carry the ONU-ID that local side is a terminal distribution; The 2nd byte Message ID is used to identify the message of this message for the request logic poll code; The 3rd byte to the 12 bytes are reserve bytes.
Table 2, up direction ONU/ONT report the PLOAM message of logic poll code;
Figure G2008101896355D00082
In the table 2, the 1st byte ONU-ID is used to carry the ONU-ID that local side is a terminal distribution; It is the message that reports logic poll code that the 2nd byte Message ID is used to identify this message; The 3rd byte to the 12 bytes are used for the logic poll code of carried terminal.
Above-mentioned table 1, table 2 only are object lessons of asking logic poll code message, reporting logic poll code message.In the embodiment of the present invention, the message of transmission logic registration code is not limited to above-mentioned concrete example.
The concrete implementation procedure of above-mentioned steps 5 can have following two kinds of implementations:
The automatic detection in terminal of mode one, the interim ONU-ID of elder generation's distribution, the formal ONU-ID of reallocation and verification process are shown in accompanying drawing 3.
Among Fig. 3, step 1, OLT send the request message that reports SN to all ONU/ONT.
After step 2, ONU/ONT receive the request message of OLT transmission, report the SN of oneself to OLT.
Step 3, OLT judge whether this SN write down after receiving the SN that ONU/ONT reports, and judge that promptly the SN that receives is and the SN coupling of its storage, if OLT judges the SN of its SN that receives for writing down, then arrives step 9; If OLT judges the SN of its SN that receives for not writing down, then OLT distributes interim ONU-ID for this ONU/ONT, then, sends interim ONU-ID to ONU/ONT, arrives step 4 again.OLT can select an ONU-ID as interim ONU-ID from untapped ONU-ID when distributing interim ONU-ID for ONU/ONT.
Step 4, OLT accomplish the range finding of the ONU/ONT that has distributed interim ONU-ID through carrying out data interaction with the ONU/ONT that has distributed interim ONU-ID.
Step 5, OLT send request logic poll code message to ONU/ONT, and this request logic poll code message can realize through the Password request message, also can realize through the request logic poll code message of newly-increased definition.
After step 6, ONU/ONT receive the request logic poll code message that OLT sends, report the logic poll code of oneself to OLT.ONU/ONT can be carried at logic poll code to report in the Password message and transfer to OLT, also can logic poll code be carried in the newly-increased logic poll code reporting message that defines and transfer to OLT.
Step 7, OLT obtain the logic poll code of ONU/ONT from the message that receives; And according to the pre-configured parameter of Operational Management System the logic poll code that gets access to is carried out verification, promptly OLT judge the logic poll code that gets access to whether with the logic poll code coupling of its storage, if coupling; Confirm that then this ONU/ONT is a legal terminal; And write down the SN of this ONU/ONT, stop the registration process of ONU/ONT simultaneously, to step 8; If do not match, confirm that then this ONU/ONT is an illegal terminal, directly stop registration process, can no longer carry out follow-up step.
Step 8, ONU/ONT reach the standard grade again and carry out follow-up registration process, and ONU/ONT reports the SN of oneself to OLT.Whether OLT searches this SN and write down after receiving the SN that ONU/ONT reports, if OLT judges the SN of its SN that receives for writing down, then arrives step 9; If OLT judges the SN of its SN that receives for not writing down, then OLT distributes interim ONU-ID for this ONU/ONT, then, sends interim ONU-ID to ONU/ONT, arrives step 4 again.
In step 8,, therefore, directly arrive step 9 because OLT had write down the SN of this ONU/ONT.
Step 9, OLT search corresponding ONU-ID, and with the ONU-ID that finds as formal ONU-ID.This formal ONU-ID can be interim ONU-ID, and the interim ONU-ID that distributes for ONU/ONT before promptly OLT incites somebody to action is as the formal ONU-ID of this ONU/ONT.OLT can bind the SN of this ONU/ONT and the formal ONU-ID of this ONU/ONT.
Step 10, OLT distribute to ONU/ONT with the said formal ONU-ID that finds.
Step 11, OLT accomplish the range finding of the ONU/ONT that has distributed formal ONU-ID through carrying out data interaction with the ONU/ONT that has distributed formal ONU-ID.
Step 12, OLT carry out the registration of ONU/ONT through carrying out data interaction with the ONU/ONT that has distributed formal ONU-ID, after succeeding in registration, to step 13.
Step 13, OLT come the ONU/ONT collocating traffic parameter for succeeding in registration through carrying out data interaction with the ONU/ONT that succeeds in registration.
Be directed against in the description of Fig. 3 above-mentioned; The logic poll code of ONU/ONT can be the ONU-ID of ONU/ONT; Promptly in the step 6 of above-mentioned Fig. 3; The logic poll code that ONU/ONT reports to OLT is the ONU-ID of ONU/ONT, that is to say, Operational Management System is ONU-ID for the logic poll code that the employed ONU/ONT of the user who proposes professional application generates in the step 1 of above-mentioned Fig. 2.
Certainly, in the description of Fig. 3, the logic poll code of ONU/ONT also can be different with the ONU-ID of ONU/ONT above-mentioned.Embodiment of the present invention does not limit the concrete manifestation form of the logic poll code of ONU/ONT.
In addition, in the description of above-mentioned Fig. 3, can pass through mark for marking terminal, office terminal between Operational Management System and the OLT; And can come marking terminal through ONU-ID between OLT and the ONU/ONT, the office terminal sign can adopt ONU-ID, also can adopt the sign that is different from ONU-ID.When the sign of the office terminal between Operational Management System and the OLT adopted ONU-ID, Operational Management System, OLT, ONU/ONT all adopted ONU-ID that ONU/ONT is identified.
Mode two, elder generation distribute ONU-ID, carry out automatic detection in terminal and verification process shown in accompanying drawing 4 again.
Among Fig. 4, step 1, OLT send the request message that reports SN to all ONU/ONT.
After step 2, ONU/ONT receive the request message of OLT transmission, report the SN of oneself to OLT.
After step 3, OLT received the SN that ONU/ONT reports, OLT selected an ONU-ID from untapped ONU-ID, and the ONU-ID that will select distributes to ONU/ONT.
Step 4, OLT accomplish the range finding of the ONU/ONT that has distributed ONU-ID through carrying out data interaction with the ONU/ONT that has distributed ONU-ID.
Step 5, OLT send request logic poll code message to ONU/ONT, and this request logic poll code message can realize through the Password request message, also can realize through the request logic poll code message of newly-increased definition.
After step 6, ONU/ONT receive the request logic poll code message that OLT sends, report the logic poll code of oneself to OLT.ONU/ONT can be carried at logic poll code to report in the Password message and transfer to OLT, also can logic poll code be carried in the newly-increased logic poll code reporting message that defines and transfer to OLT.
Step 7, OLT obtain the logic poll code of ONU/ONT from the message that receives; And according to the pre-configured parameter of Operational Management System the logic poll code that gets access to is carried out verification, promptly OLT judge the logic poll code that gets access to whether with the logic poll code coupling of its storage, if coupling; Confirm that then this ONU/ONT is a legal terminal; And writing down the SN of this ONU/ONT, OLT can bind the SN of this ONU/ONT and the ONU-ID of this ONU/ONT, to step 8; If do not match, confirm that then this ONU/ONT is an illegal terminal, directly stop registration process, can no longer carry out follow-up step.
Step 8, OLT carry out the registration of ONU/ONT through carrying out data interaction with legal ONU/ONT, after succeeding in registration, to step 9.
Step 9, OLT come the ONU/ONT collocating traffic parameter for succeeding in registration through carrying out data interaction with the ONU/ONT that succeeds in registration.
Step 10, ONU/ONT send the message that rolls off the production line to OLT when rolling off the production line.
After step 11, OLT receive the message that rolls off the production line that ONU/ONT sends, discharge the binding relationship of ONU-ID of SN and the ONU/ONT of ONU/ONT.
To in the description of Fig. 4, can pass through office terminal mark for marking terminal between Operational Management System and the OLT above-mentioned; And can come marking terminal through ONU-ID between OLT and the ONU/ONT, the office terminal sign can adopt ONU-ID, also can adopt the sign that is different from ONU-ID.When the sign of the office terminal between Operational Management System and the OLT did not adopt ONU-ID, the OLT in the step 7 can bind the SN of this ONU/ONT, the ONU-ID of this ONU/ONT and the office terminal sign of this ONU/ONT; Then in the step 11, need to discharge the SN of this ONU/ONT, the ONU-ID of this ONU/ONT and the office terminal sign binding relationship of this ONU/ONT.
From the description of said method execution mode, can find out; Embodiment of the present invention can not need in local side such as OLT and Operational Management System static configuration terminal sequence code; Through in detecting verification process, adopting logic poll code; After authentication was passed through, record was from terminal sequence code that legal terminal is obtained and be recorded as the terminal iidentification that legal terminal is distributed, and makes local side such as OLT can realize automatic detection and authentication to the terminal; OLT transfers to Operational Management System through the terminal sequence code and the terminal iidentification that will detect authentication automatically and get access to; Make Operational Management System can dynamically get access to terminal sequence code and terminal iidentification, avoided the process of Operational Management System static configuration terminal sequence code and terminal iidentification; Because failure and other reasons need change the terminal time, the logic poll code at the terminal before changing can be used in the terminal after the replacing, therefore, has avoided changing the terminal and the Operational Management System that brings upgrades the process of the sequence code of static configuration; Thereby make Operational Management System carry out dynamic management, and Operational Management System can utilize the terminal sequence code of dynamic acquisition and terminal iidentification that OLT, terminal are safeguarded easily to terminal sequence code and terminal iidentification; Finally reduced the maintenance cost at Operational Management System, OLT and terminal, improved that the terminal is detected and the maintainability at the flexibility of authentication and local side, terminal.
Embodiment of the present invention also provides a kind of network equipment, and this is positioned at passive optical network local side, can be the OLT of local side, and this network equipment comprises first memory module, receiver module, judge module, distribution module and second memory module.
First memory module is used for the logic poll code of storage terminal.The logic poll code of storing in first memory module can be the Operational Management System configuration of local side.
Receiver module is used for logic poll code and the terminal sequence code that receiving terminal sends.Receiver module can be to terminal request terminal sequence code and logic poll code, and then, receiving terminal is according to next terminal sequence code and the logic poll code of its request transmission again.
Judge module is used for judging whether the logic poll code that logic poll code that receiver module receives and memory module are stored matees, to confirm whether the terminal is legal terminal.Judge module output judged result information, for example judge module output match information, or the output information that do not match.
Distribution module is used to the terminal distribution terminal iidentification, and output.Distribution module can be the terminal distribution terminal iidentification before judge module is judged, also can after judge module is judged, be the terminal distribution terminal iidentification.
Second memory module is used for after the judged result information of judge module output coupling, the terminal iidentification of terminal sequence code that the storage receiver module receives and distribution module output.The terminal sequence code of storing in second memory module, terminal iidentification are the terminal sequence code and the terminal iidentification of automatic detected legal terminal.
This network equipment can also be optional comprise reporting module.Reporting module is used for the terminal sequence code of second memory module storage is reported to the Operational Management System of local side.Reporting module belongs to the terminal sequence code of the automatic detected legal terminal of the network equipment to the terminal sequence code that Operational Management System reports for it.
Implementation according to automatic detection authentication is different, and the concrete operations of above-mentioned distribution module, receiver module etc. are also different.The two kinds of concrete implementations of giving an example below.
Mode one, distribution module comprise judges that submodule, distribution sub module, receiver module comprise the first request submodule, the second request submodule and receive submodule.
The first request submodule sends the request message that reports SN to all ONU/ONT.Receive submodule and receive the SN that ONU/ONT reports.Judge that submodule is after receiving submodule and receiving the SN that ONU/ONT reports; Judge whether this SN that the reception submodule receives write down in second memory module; Promptly judge the SN receive be with second memory module in the SN coupling of storing; Judge that to receive the SN that submodule receives be the SN that second memory module write down if judge submodule, then notify distribution sub module to distribute formal ONU-ID; Judge that to receive the SN that submodule receives be the SN that second memory module did not write down if judge submodule, then notify distribution sub module to distribute interim ONU-ID.
Distribution sub module be the interim ONU-ID of this terminal distribution, and trigger network equipment is found range to this terminal after the information that receives the interim ONU-ID of distribution that judges submodule.This network equipment is accomplished the range finding of the ONU/ONT that has distributed interim ONU-ID through carrying out data interaction with the ONU/ONT that has distributed interim ONU-ID.
The second request submodule is accomplished the range finding back at the network equipment and is sent request logic poll code message to ONU/ONT; This request logic poll code message can realize through the Password request message, also can realize through the request logic poll code message of newly-increased definition.Receive submodule and from the message that receives, obtain the logic poll code that ONU/ONT reports.
Judge module is after the reception submodule receives logic poll code; Logic poll code according to the storage of first sub module stored is carried out verification to the logic poll code that the reception submodule receives; Be that judge module judges whether the logic poll code that the reception submodule receives matees with the logic poll code of first sub module stored storage; If coupling confirms that then this ONU/ONT is a legal terminal, notify the SN of this ONU/ONT of second memory module record; If do not match, confirm that then this ONU/ONT is an illegal terminal, directly stops registration process.
ONU/ONT reaches the standard grade again and carries out follow-up registration process, and ONU/ONT reports the SN of oneself to OLT.After receiving submodule and receiving the SN that ONU/ONT reports; Judge that submodule searches this SN and whether in second memory module, write down; Judge that to receive the SN that submodule receives be the SN that write down in second memory module if judge submodule, notifying distribution sub module is the formal ONU-ID of this terminal distribution; Judge that to receive the SN that submodule receives be the SN that did not write down in second memory module if judge submodule, then notifying distribution sub module is the interim ONU-ID of this terminal distribution.
Owing to go up in the line process again at the terminal; Second memory module had write down the SN of this ONU/ONT; Therefore, distribution sub module is searched ONU-ID behind the SN that the reception submodule receives; And the ONU-ID that finds distributed to this terminal as formal ONU-ID, and trigger network equipment is found range to this terminal.
The network equipment is accomplished the range finding of the ONU/ONT that has distributed formal ONU-ID through carrying out data interaction with the ONU/ONT that has distributed formal ONU-ID.The network equipment carries out the registration of ONU/ONT through carrying out data interaction with the ONU/ONT that has distributed formal ONU-ID, and after succeeding in registration, OLT comes the ONU/ONT collocating traffic parameter for succeeding in registration through carrying out data interaction with the ONU/ONT that succeeds in registration.In addition, when the sign of the office terminal between Operational Management System and the OLT adopts ONU-ID, can store the binding relationship of SN and ONU-ID in second memory module.
Mode two, receiver module comprise the first request submodule, the 3rd request submodule and receive submodule.
The first request submodule sends the request message that reports SN to all ONU/ONT.Receive submodule and receive the SN that ONU/ONT reports.Distribution module be terminal distribution ONU-ID, and trigger network equipment is found range to this terminal after receiving submodule and receiving the SN that ONU/ONT reports.This network equipment is accomplished the range finding of the ONU/ONT that has distributed ONU-ID through carrying out data interaction with the ONU/ONT that has distributed ONU-ID.
The 3rd request submodule is accomplished the range finding back at the network equipment and is sent request logic poll code message to ONU/ONT; This request logic poll code message can realize through the Password request message, also can realize through the request logic poll code message of newly-increased definition.Receive submodule and from the message that receives, obtain the logic poll code that ONU/ONT reports.
Judge module is after the reception submodule receives logic poll code; Logic poll code according to the storage of first sub module stored is carried out verification to the logic poll code that the reception submodule receives; Be that judge module judges whether the logic poll code that the reception submodule receives matees with the logic poll code of first sub module stored storage; If coupling confirms that then this ONU/ONT is a legal terminal, notify the SN of this ONU/ONT of second memory module record; If do not match, confirm that then this ONU/ONT is an illegal terminal, directly stops registration process.
The network equipment carries out the registration of ONU/ONT through carrying out data interaction with the ONU/ONT that has distributed formal ONU-ID, and after succeeding in registration, OLT comes the ONU/ONT collocating traffic parameter for succeeding in registration through carrying out data interaction with the ONU/ONT that succeeds in registration.
ONU/ONT sends the message that rolls off the production line to OLT when rolling off the production line.After OLT received the message that rolls off the production line that ONU/ONT sends, second memory module discharged the information of this ONU/ONT of its storage.When the sign of the office terminal between Operational Management System and the OLT did not adopt ONU-ID, the information of this ONU/ONT that stores in second memory module was: the binding relationship of the ONU-ID of the SN of ONU/ONT, the office terminal of ONU/ONT sign and ONU/ONT.
Embodiment of the present invention also provides the Operational Management System in a kind of passive optical network local side, and this Operational Management System comprises: logic poll code module and sequence code module.
The logic poll code module is used for the stored logic registration code, is user's assignment logic registration code, and will transfer to optical line terminal for the logic poll code that the user distributes.The logic poll code module can be transmitted the knowledge optical line terminal in the past with logic poll code and service parameter.Concrete like the description in the above-mentioned method execution mode.
The sequence code module is used to receive the sequence code of the next legal terminal of optical line terminal transmission, and storage.The sequence code that the optical line terminal transmission comes is the sequence code of the automatic detected legal terminal of optical line terminal.The sequence code module can be stored in the sequence code that receives in the SN database.Also be provided with the module that SN is managed in the Operational Management System.
Embodiment of the present invention also provides the terminal equipment in a kind of EPON, and this terminal equipment comprises: receive memory module and sending module.
Receive the logic poll code that memory module is used to receive and store its place terminal equipment of input.Receive local command line, the Web page or the outside logic poll code of importing of alternate manner reception that memory module can utilize terminal equipment to provide.Concrete like the description in the above-mentioned method execution mode.
Sending module is used for the request according to its place local side of receiving of terminal equipment, sends the logic poll code of storing in the said reception memory module to local side.For example, sending module is carried at logic poll code in the message that reports password and is sent to OLT; Again for example, sending module is carried at logic poll code in the newly-increased message that is exclusively used in the transmission logic registration code that defines and is sent to OLT.Concrete like the description in the above-mentioned method execution mode.
Though described the present invention through embodiment, those of ordinary skills know, the present invention has many distortion and variation and do not break away from spirit of the present invention, and the claim of application documents of the present invention comprises these distortion and variation.

Claims (12)

1. terminal detection authentication method in the EPON is characterized in that the terminal has logic poll code, and said method comprises step:
The logic poll code that the local side receiving terminal sends, wherein, said logic poll code is dynamically generated by said local side, and in the process of user applies business, distributes to said terminal by said local side;
Said local side confirms that said terminal is a legal terminal after the logic poll code coupling of the logic poll code of determining said terminal and local side storage;
The local side record is from the terminal sequence code that said legal terminal is obtained, and the terminal iidentification of said legal terminal distribution given in record.
2. the method for claim 1 is characterized in that, the step of the logic poll code that said local side receiving terminal sends comprises:
The optical line terminal of local side is this terminal distribution ephemeral terminations sign after receiving its Unrecorded terminal sequence code;
Said optical line terminal is asked the logic poll code at this terminal after the range finding of accomplishing the said terminal that is assigned the ephemeral terminations sign.
3. method as claimed in claim 2 is characterized in that, said local side record is from the terminal sequence code that said legal terminal is obtained, and record comprises for the step of the terminal iidentification of said legal terminal distribution:
The sequence code of said its said legal terminal that receives of optical line terminal record;
Said optical line terminal is receiving that said legal terminal is reached the standard grade again and after the sequence code that reports, for said legal terminal is distributed formal terminal iidentification, and writes down the formal terminal iidentification of said legal terminal.
4. the method for claim 1 is characterized in that, the step of the logic poll code that said local side receiving terminal sends comprises:
The optical line terminal of local side is said terminal distribution terminal iidentification after the sequence code at the terminal that receives its request, said optical line terminal is asked the logic poll code at this terminal after the range finding of accomplishing the said terminal that is assigned terminal iidentification.
5. like the described method of arbitrary claim in the claim 1 to 4, it is characterized in that the logic poll code of said local side storage comprises:
The logic poll code of the Operational Management System storage of local side; And
Said Operational Management System will transfer to optical line terminal for the logic poll code that the user distributes, the logic poll code that said optical line terminal receives and stores.
6. like the described method of arbitrary claim in the claim 1 to 4, it is characterized in that said method also comprises:
The optical line terminal of local side transfers to the Operational Management System of local side with the terminal sequence code of the legal terminal of said record, and said terminal sequence code is also managed in said Operational Management System record.
7. a network equipment is positioned at passive optical network local side, it is characterized in that, this network equipment comprises:
First memory module is used for the logic poll code of storage terminal, and wherein, said logic poll code is dynamically generated by said local side, and in the professional process of user applies, distributes to ONT Optical Network Terminal by said local side;
Receiver module is used for logic poll code and terminal sequence code that receiving terminal sends;
Judge module is used for judging whether the logic poll code that the logic poll code that receiver module receives and first memory module are stored matees, and the output judged result;
Distribution module is used to the terminal distribution terminal iidentification, and output;
Second memory module is used for after the judged result information of judge module output coupling, the terminal iidentification of terminal sequence code that the storage receiver module receives and distribution module output.
8. the network equipment as claimed in claim 7 is characterized in that:
Said distribution module comprises:
Judge submodule, be used for judging whether the terminal sequence code that receiver module receives is recorded in the terminal sequence code of second memory module storage, and export judged result;
Distribution sub module is used for after the judged result of judging submodule output record, being the formal terminal iidentification of this terminal distribution, after judging that submodule is exported Unrecorded judged result, is this terminal distribution ephemeral terminations sign; And the range finding of trigger network equipment is handled;
Said receiver module comprises:
First asks submodule, is used for the terminal sequence code of requesting terminal;
The second request submodule is used for after the network equipment at its place is accomplished the range finding at the said terminal that is assigned the ephemeral terminations sign, asking the logic poll code at this terminal;
Receive submodule, be used to receive the logic poll code and the sequence code at said terminal.
9. the network equipment as claimed in claim 8 is characterized in that, said receiver module comprises:
First asks submodule, is used for the terminal sequence code of requesting terminal;
The 3rd request submodule; Be used for that to receive the sequence code at terminal, said distribution module be after the network equipment at terminal distribution terminal iidentification and its place is accomplished the range finding at the said terminal that is assigned terminal iidentification receiving submodule, ask the logic poll code at this terminal;
Receive submodule, be used to receive the logic poll code and the sequence code at said terminal.
10. the network equipment as claimed in claim 8 is characterized in that, the said network equipment also comprises:
Reporting module is used for the terminal sequence code of said second memory module storage is reported to the Operational Management System of local side.
11. an Operational Management System is positioned at the local side of EPON, it is characterized in that said Operational Management System comprises:
The logic poll code module; Be used for the stored logic registration code, be user's assignment logic registration code, and will transfer to optical line terminal for the logic poll code that the user distributes; Wherein, Said logic poll code is dynamically generated by said local side, and in the process of user applies business, distributes to ONT Optical Network Terminal by said local side;
The sequence code module is used to receive the sequence code of the next legal terminal of optical line terminal transmission, and stores.
12. a terminal equipment is positioned at the user side of EPON, it is characterized in that said terminal equipment comprises:
Receive memory module, be used to receive and store the logic poll code of its place terminal equipment of input, wherein, said logic poll code is dynamically generated by local side, and in the process of user applies business, distributes to said terminal equipment by said local side;
Sending module is used for the request according to its place local side of receiving of terminal equipment, sends the logic poll code of storing in the said reception memory module to local side.
CN2008101896355A 2007-07-13 2007-07-13 Terminal detection authentication method, apparatus and operation management system in passive optical network Active CN101478702B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008101896355A CN101478702B (en) 2007-07-13 2007-07-13 Terminal detection authentication method, apparatus and operation management system in passive optical network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008101896355A CN101478702B (en) 2007-07-13 2007-07-13 Terminal detection authentication method, apparatus and operation management system in passive optical network

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN200710119103XA Division CN101083589B (en) 2007-07-13 2007-07-13 Terminal detection authentication process, device and operation administrative system in passive optical network

Publications (2)

Publication Number Publication Date
CN101478702A CN101478702A (en) 2009-07-08
CN101478702B true CN101478702B (en) 2012-11-21

Family

ID=40839324

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101896355A Active CN101478702B (en) 2007-07-13 2007-07-13 Terminal detection authentication method, apparatus and operation management system in passive optical network

Country Status (1)

Country Link
CN (1) CN101478702B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8406628B2 (en) 2007-07-13 2013-03-26 Huawei Technologies Co., Ltd. Method, equipment, and system for detecting and authenticating terminal in passive optical network

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101990134B (en) * 2009-07-30 2015-05-06 中兴通讯股份有限公司 Method and system of dynamically managing serial number, optical line terminal and optical network unit
CN101692672B (en) * 2009-10-19 2016-02-10 中兴通讯股份有限公司 The register method of optical network unit in passive optical network and device
CN103248417B (en) * 2012-02-06 2019-05-21 中兴通讯股份有限公司 Identity distribution method and device in a kind of passive optical network
EP3007384B1 (en) * 2013-08-22 2021-03-10 Huawei Technologies Co., Ltd. Method, apparatus and system for terminal authentication in passive optical network
CN103618751B (en) * 2013-12-12 2016-08-31 绵阳芯联芯网络科技有限公司 Passive optical network service protection method based on separate mapping mechanism
CN104902354A (en) * 2015-06-18 2015-09-09 深圳市新格林耐特通信技术有限公司 Flexible and safe ONT authentication method in GPON system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6546014B1 (en) * 2001-01-12 2003-04-08 Alloptic, Inc. Method and system for dynamic bandwidth allocation in an optical access network
CN1941009A (en) * 2005-09-29 2007-04-04 普天信息技术研究院 Method for realizing fee payment by mobile telecommunication terminal
CN1988552A (en) * 2005-12-20 2007-06-27 中国电信股份有限公司 Method for automatic identifying and configurating terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6546014B1 (en) * 2001-01-12 2003-04-08 Alloptic, Inc. Method and system for dynamic bandwidth allocation in an optical access network
CN1941009A (en) * 2005-09-29 2007-04-04 普天信息技术研究院 Method for realizing fee payment by mobile telecommunication terminal
CN1988552A (en) * 2005-12-20 2007-06-27 中国电信股份有限公司 Method for automatic identifying and configurating terminal

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8406628B2 (en) 2007-07-13 2013-03-26 Huawei Technologies Co., Ltd. Method, equipment, and system for detecting and authenticating terminal in passive optical network
US8774629B2 (en) 2007-07-13 2014-07-08 Huawei Technologies Co., Ltd. Method and apparatus for authentication in passive optical network
US9397777B2 (en) 2007-07-13 2016-07-19 Huawei Technologies Co., Ltd. Method and apparatus for authentication in passive optical network
US9674172B2 (en) 2007-07-13 2017-06-06 Huawei Technologies Co., Ltd. Method and apparatus for authentication in passive optical network
US9942634B2 (en) 2007-07-13 2018-04-10 Huawei Technologies Co., Ltd. Method and apparatus for authentication in passive optical network

Also Published As

Publication number Publication date
CN101478702A (en) 2009-07-08

Similar Documents

Publication Publication Date Title
CN101083589B (en) Terminal detection authentication process, device and operation administrative system in passive optical network
CN101478702B (en) Terminal detection authentication method, apparatus and operation management system in passive optical network
CN101902447B (en) Authentication method and device in passive optical network and passive optical network
CN104584478B (en) Terminal authentication method, apparatus and system in passive optical network
CN102868943B (en) A kind of method, optical network apparatus and system obtaining PON port association relation
US20110167487A1 (en) Method, system and device for enabling user side terminal to obtain password
CN101515895B (en) Bandwidth allocation method, optical line terminator, optical network unit and communication system
US8983295B2 (en) Optical line terminal and method of registering optical network terminal thereof
CN105228183A (en) Upstream data abnormality eliminating method and device
CN101540936A (en) Station terminal device, communication system, subscriber device management method
US8451979B2 (en) System for correlating a subscriber unit with a particular subscriber in a passive optical network
CN101692716A (en) Optical line terminal, optical network unit and passive optical network system
CN101114910B (en) ONT/ONU authentication method and system in PON system
US11784741B2 (en) Optical network unit registration method for wavelength-selected wavelength division multiplexing passive optical network
CN102318362B (en) Devices and methods for sending data in passive optical network
CN101141411A (en) Method for implementing user port location in passive optical network access equipment
CN101277228B (en) Method, apparatus and system for interference orientation
CN101162947B (en) Method of implementing passive optical network system multicast service safety transmission
CN103222249B (en) Authentication method, device and system
CN103875255B (en) Logical links label L LID register methods, apparatus and system
WO2001078352A1 (en) Lending of local resource in a telecommunication and data communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant