JP6841120B2 - Subscriber-side termination device, station-side termination device, communication system, subscriber-side termination device program and station-side termination device program - Google Patents

Description

The present invention relates to an optical communication system, and more particularly to an apparatus, a communication system, and a program for confirming the validity of a station-side optical network unit by a station-side optical network unit.

In recent years, FTTH (Fiber To The Home) using an optical fiber for a transmission line has become widespread in order to provide high-speed and broadband broadband services to general private homes. PON (Passive Optical Network) is often used as an optical communication system for providing broadband services by FTTH, and there is GE-PON that employs Gigabit Ethernet (registered trademark) technology for PON.

GE-PON is an optical communication network system standardized by IEEE802.3ah, and is generally an optical network unit (OLT) and a subscriber optical network unit (ONU:). Optical Network Unit) and an optical splitter.

In the GE-PON defined by IEEE802.3ah, the P2MP (Point to MultiPoint) Discovery process for searching the ONU on the GE-PON is performed by the OLT at the initial stage of communication. Then, the OLT processes the OAM Discovery to confirm the support status of the OAM (Operation Management and Management) of each of the searched ONUs. Further, the OLT acquires the information held by the searched ONU. The information held by the ONU is, for example, hardware type information, hardware version, firmware version, MAC (Media Access Control) address, and the like.

Then, the OLT authenticates each ONU according to a predetermined connection authentication method, and the OLT communicates the main signal with the ONU that has succeeded in the authentication. An example of a predetermined connection authentication method is authentication by a MAC address and ID assigned to each ONU.

By the way, in an optical communication system using GE-PON, if a failure occurs in the OLT or the ONU itself, or in the communication section connecting the OLT and the ONU, the communication link between the OLT and the ONU is disconnected. In this case, in order to recover from the failure between the OLT and the ONU and reconnect the OLT and the ONU to restore the communication link, the OLT performs the above-mentioned P2MP Discovery processing, OAM Discovery processing, and connection authentication processing again. Do.

There is a technique described in Patent Document 1 as a technique for reconnecting the OLT and the ONU after a communication disconnection between the OLT and the ONU occurs.

In the technique described in Patent Document 1, the OLT registers the MAC address and ID of the ONU in the authentication database when the OLT and the ONU are connected for the first time. When the OLT and the ONU are connected for the second time or later, the OLT authenticates the ONU by referring to the MAC address of the ONU already registered in the authentication database. In addition, the OLT registers the MAC address and ID of the ONU and information indicating the priority in a pair in the authentication database. In the technique described in Patent Document 1, when the ONU is reconnected to the OLT after a communication disconnection occurs between the OLT and the ONU, the OLT refers to the authentication database and gives priority to the plurality of reconnected ONUs. Priority is given to high ONUs.

Japanese Unexamined Patent Publication No. 2012-124687

However, the communication system using GE-PON has the following problems.

A legitimate OLT that was connected to the ONU before the communication link between the OLT and the ONU was disconnected is replaced with an invalid OLT in the period from the occurrence of the communication link disconnection to the restoration of the communication link, or the legitimate OLT is unreasonable. It is assumed that the OLT will be modified by means. In the conventional GE-PON, the OLT only authenticates the ONU, and the ONU does not have a means for confirming the validity of the OLT (in other words, a means for determining that the OLT is an illegal OLT). Therefore, if the conventional ONU is connected to an invalid OLT at the time of reconnection accompanying communication restoration, the ONU cannot determine that it is an invalid OLT. Then, the information transmitted from the ONU may be leaked to an illegal OLT.

Therefore, even if an illegal OLT appears on the optical communication system when the communication between the OLT and the ONU is restored, the ONU can confirm the validity of the OLT and determine that it is an illegal OLT. There is a demand for programs for personal termination devices, station-side termination devices, communication systems, subscriber-side termination devices, and station-side termination devices.

The first subscriber-side termination device of the present invention is a subscriber-side termination device capable of communicating with the station-side termination device, and enables the station-side termination device to authenticate the subscriber-side termination device. An authentication password common to the station-side termination device, an arithmetic password common to the station-side termination device used by the subscriber-side termination device to determine the validity of the station-side termination device, and the station-side A storage unit that stores a function used to cause the termination device to perform an operation, a change rule common to the station-side termination device that defines the calculation password change process by the subscriber-side termination device, and the above. The operation password stored in the storage unit is assigned to the function to perform the operation, and the authentication password is transmitted to the station-side termination device, and further, the function and the station-side termination to the function. A request unit for transmitting a response request for the result of the operation to which the operation password stored in the device is assigned, an operation result for the response request received from the station-side termination device, and an operation result by the operation unit. By comparison, when the station-side termination device is judged to be valid, a judgment unit that outputs judgment information and the judgment information are input from the judgment unit to generate a new authentication password different from the authentication password. The new authentication password is input from one generation unit and the first generation unit, the value of the authentication password is changed to the value of the new authentication password, and the first one related to the new authentication password. It is characterized by having a processing unit that transmits information to the station-side termination device and changes the value of the calculation password by performing the change processing specified in the change rule.

The second station-side termination device of the present invention is a station-side termination device capable of communicating with the subscriber-side termination device.
An authentication password common to the subscriber-side termination device used by the station-side termination device to authenticate the subscriber-side termination device, and the subscriber-side termination device determining the validity of the station-side termination device. A memory for storing an calculation password common to the subscriber-side termination device and a change rule common to the subscriber-side termination device that defines the change processing of the calculation password by the station-side termination device. The unit is compared with the authentication password received from the subscriber-side termination device and the authentication password stored in the storage unit, and if both authentication passwords match, the subscriber-side termination device is authenticated. An authentication unit, a function for the station-side termination device to perform an operation from the subscriber-side termination device, and a response request for the result of the calculation in which the calculation password is assigned to the function are input, and the function. A new calculation unit that performs an operation by substituting the calculation password into, a transmission unit that transmits the calculation result by the calculation unit to the subscriber-side termination device, and a new password that is different from the authentication password from the subscriber-side termination device. The first information related to the authentication password is input, the value of the authentication password is changed to the value of the new authentication password, and the change process specified in the change rule is performed to obtain the calculation password. It is characterized by having a processing unit for changing a value.

The third subscriber-side termination device program of the present invention enables the station-side termination device to authenticate the computer of the subscriber-side termination device capable of communicating with the station-side termination device, and the station-side termination device to authenticate the subscriber-side termination device. An authentication password common to the station-side termination device, a calculation password common to the station-side termination device used by the subscriber-side termination device to determine the validity of the station-side termination device, and the above. A storage unit that stores a function used to cause the station-side termination device to perform an operation and a change rule common to the station-side termination device that defines the change processing of the calculation password by the subscriber-side termination device. A request unit that transmits the authentication password to the station-side termination device, and further transmits the function and a response request for the result of the calculation in which the calculation password stored in the station-side termination device is assigned to the function. , A calculation unit that performs a calculation by substituting the calculation password stored in the storage unit into the function, and comparing the calculation result for the response request received from the station-side termination device with the calculation result by the calculation unit. Then, if both calculation results match, the station-side termination device is determined to be valid, and the determination unit that outputs the determination information, the determination information is input from the determination unit, and is used for new authentication that is different from the authentication password. The new authentication password is input from the first generation unit and the first generation unit that generate a password, and the value of the authentication password is changed to the value of the new authentication password to become the new authentication password. It is characterized in that the first information is transmitted to the station-side termination device, and at the same time, it functions as a processing unit that performs the change processing specified in the change rule to change the value of the calculation password.

The fourth station-side termination device program of the present invention uses the computer of the station-side termination device capable of communicating with the subscriber-side termination device, and the station-side termination device uses the subscriber to authenticate the subscriber-side termination device. An authentication password common to the side termination device, an arithmetic password common to the subscriber side termination device that enables the subscriber side termination device to determine the validity of the station side termination device, and the station. A storage unit that stores a change rule common to the subscriber side termination device that defines the change processing of the calculation password by the side termination device, and an authentication password received from the subscriber side termination device and the storage unit. Compared with the stored authentication password, if both authentication passwords match, the authentication unit that authenticates the subscriber side termination device, and the station side termination device performs calculations from the subscriber side termination device. Function and a response request for the result of the operation in which the operation password is assigned to the function are input, and the operation unit that performs the operation by substituting the operation password into the function, the operation result by the operation unit The first information related to the new authentication password different from the authentication password is input from the transmitter and the subscriber side termination device, and the value of the authentication password is set to the new authentication. It is characterized in that it changes to the value of the password for calculation and functions as a processing unit that changes the value of the password for calculation by performing the change processing specified in the change rule.

According to the present invention, even if an illegal OLT appears on the optical communication system when the communication between the OLT and the ONU is restored, the ONU confirms the validity of the OLT and determines that the OLT is an illegal OLT. A subscriber-side termination device, a station-side termination device, a communication system, a subscriber-side termination device program, and a station-side termination device program that can be provided are provided.

It is a block diagram which shows the whole structure of the optical communication system which concerns on each embodiment of this invention. It is a block diagram which shows the internal structure of the OLT which concerns on each embodiment of this invention. It is a functional block diagram of the processing part in OLT of 1st Embodiment. It is a block diagram which shows the internal structure of the ONU which concerns on each embodiment of this invention. It is a functional block diagram of the processing part in ONU of 1st Embodiment. It is a sequence diagram which shows the exchange of communication at the time of the first connection between OLT-ONU in 1st Embodiment, and is the figure which shows the state of the storage part of each of OLT and ONU. It is a sequence diagram which shows the exchange of communication at the time of reconnection between OLT-ONU in 1st Embodiment, and is the figure which shows the state of the storage part of each of OLT and ONU. FIG. 5 is a configuration diagram showing an example of a connection configuration when an unauthorized OLT is connected in the optical communication system according to each embodiment of the present invention. In the first embodiment, it is a sequence diagram showing the exchange of communication when the fraudulent OLT and the ONU are connected, and the diagram showing the state of each storage unit of the fraudulent OLT and the ONU. In the first embodiment, it is a sequence diagram showing the exchange of communication when the OLT and the unauthorized ONU are connected, and the diagram showing the state of each storage unit of the OLT and the unauthorized ONU. It is a flowchart which shows the operation flow of ONU of 1st Embodiment. It is a flowchart which shows the operation flow of the OLT of 1st Embodiment. It is a functional block diagram of the processing part in OLT of 2nd Embodiment. It is a functional block diagram of the processing part in ONU of 2nd Embodiment. It is a sequence diagram which shows the exchange of communication at the time of the first connection between OLT-ONU in 2nd Embodiment, and is the figure which shows the state of the storage part of each of OLT and ONU. It is a sequence diagram which shows the exchange of communication at the time of reconnection between OLT-ONU in 2nd Embodiment, and is the figure which shows the state of the storage part of each of OLT and ONU. It is a flowchart which shows the operation flow of ONU of 2nd Embodiment. It is a flowchart which shows the operation flow of the OLT of the 2nd Embodiment.

(A) First Embodiment Refer to the drawing for the first embodiment of the subscriber side termination device, the station side termination device, the communication system, the program of the subscriber side termination device, and the program of the station side termination device of the present invention. I will explain in detail.

(A-1) Configuration of First Embodiment (A-1-1) Overall Configuration FIG. 1 shows the overall configuration of an optical communication system according to each embodiment (including the first embodiment) of the present invention. It is a block diagram. In FIG. 1, the optical communication system 1 includes an OLT 10, n ONU 20s (20-1 to 20-n, n is an integer of 1 or more), an optical splitter 30, an optical fiber trunk line 40, an optical fiber branch line 50, and a management device 60. Includes m user terminals 70 (70-1 to 70-m, m is an integer of 1 or more).

The optical communication system 1 has a configuration in which an OLT 10 and n ONUs 20 are connected one-to-many by using an optical splitter 30, an optical fiber trunk line 40, and an optical fiber branch line 50. Although a simple connection configuration is illustrated in FIG. 1 for ease of explanation, the connection configuration of the optical communication system 1 is not limited to that shown in FIG. 1, and various connection configurations can be adopted. ..

The OLT 10 is an optical network unit installed on the station side. The OLT 10 is connected to the optical splitter 30 by the optical fiber trunk line 40 and is also connected to the upper network 100. The method of connecting the OLT 10 and the upper network 100 is not limited to the connection by the optical fiber, and may be the connection by the electric line using the metal wire.

The n ONU 20s are optical line termination devices installed on the subscriber side. The n ONUs 20 are connected to the optical splitter 30 by the optical fiber branch line 50 and are connected to the m user terminals 70. Note that FIG. 1 illustrates a configuration (n = m) in which one user terminal 70 is connected to one ONU 20 for ease of explanation, but a plurality of user terminals are connected to one ONU 20. The configuration (n <m) may be used.

The optical splitter 30 branches the downlink signal received from the OLT 10 for each ONU 20, or multiplexes the uplink signal received from each ONU 20 and gives the uplink signal to the OLT 10.

In the optical communication system 1, a WDM (Wavelength Division Multiplexing) method using different wavelengths is adopted for downlink communication from OLT 10 to ONU 20 and uplink communication from ONU 20 to OLT 10. Further, the downlink communication from the OLT 10 to the plurality of ONU 20s is a broadcast method. Therefore, the OLT 10 assigns an LLID (Logical Link ID) as an identifier to each of the plurality of ONUs 20 and notifies each ONU of the LLID, and the OLT 10 embeds the LLID assigned to the downlink signal addressed to the ONU 20. The ONU 20 takes in the signal in which the LLID assigned to itself is embedded among the downlink signals received from the OLT 10, and discards the signal other than the signal addressed to itself. Further, since one optical fiber trunk line 40 is branched by the optical splitter 30, it is necessary to avoid a collision of uplink communication from the ONU 20 to the OLT 10. Therefore, the TDMA (Time Division Multiple Access) method is adopted for the uplink communication.

The management device 60 is connected to the OLT 10 by using, for example, a LAN (Local Area Network). The management device 60 is a device for maintaining and managing the OLT 10. For example, the OLT 10 holds information such as the operating state of the OLT 10 itself and the communication speed of uplink / downlink data in the optical communication system 1, and the management device 60 monitors the operating state of the optical communication system 1 by receiving such information from the OLT 10. To do. Further, the management device 60 may control the OLT 10 by transmitting control data to the OLT 10.

The m user terminals 70 are connected to the ONU 20. Examples of the connection method between the user terminal 70 and the ONU 20 include a wired LAN and a wireless LAN. The user terminal 70 is an arbitrary information terminal operated by the subscriber, and examples thereof include a personal computer, a mobile terminal, and a home appliance having a communication function.

(A-1-2) Internal Configuration of OLT 10 FIG. 2 is a configuration diagram showing an internal configuration of the OLT according to each embodiment (including the first embodiment) of the present invention. In FIG. 2, the OLT 10 includes an optical reception unit 110, a reception processing unit 120, an NNI (Network Node Interface) 130, a transmission processing unit 140, an optical transmission unit 150, a processing unit 160, and an external IF 170.

The optical reception unit 110 receives an optical signal from the ONU 20 via the optical fiber branch line 50, the optical splitter 30, and the optical fiber trunk line 40, converts the optical signal into an electric signal, and gives the optical signal to the reception processing unit 120.

The reception processing unit 120 performs reception processing such as serial-parallel conversion and error correction on the signal given from the optical reception unit 110 under the control of the processing unit 160. The signal received and processed by the reception processing unit 120 includes information transmitted from the user terminal 70 to the upper network 100, an authentication password received from the ONU 20, an arithmetic function, and a new authentication password. The details of the authentication password, the calculation function, and the new authentication password will be described later.

The NNI 130 is an interface that connects the OLT 10 and the upper network 100. As NNI130, for example, an existing Ethernet (registered trademark) interface can be applied. The NNI 130 receives a signal addressed to the upper network 100 from the reception processing unit 120 and transmits it to the upper network 100, or gives a signal received from the upper network 100 to the transmission processing unit 140.

The transmission processing unit 140 performs transmission processing such as coding, error correction, serial / parallel conversion, etc. on the signal given from the upper network 100 and the signal given from the processing unit 160 under the control of the processing unit 160. .. The electric signal transmitted and processed by the transmission processing unit 140 includes information transmitted from the upper network 100 to the user terminal 70 and information on the calculation result transmitted to the ONU 20. The details of the calculation result information will be described later.

The optical transmission unit 150 receives an electric signal from the transmission processing unit 140, converts the electric signal into an optical signal, and sends the electric signal to the optical fiber trunk line 40. The optical signal transmitted by the optical transmission unit 150 is received by the ONU 20 via the optical fiber trunk line 40, the optical splitter 30, and the optical fiber branch line 50.

The processing unit 160 controls the function on the OLT 10 side for the ONU 20 to confirm the validity of the OLT 10 in this embodiment. The processing unit 160 has, for example, a control means such as a CPU (Central Processing Unit), a ROM (Read only memory), a RAM (Random access memory), an EEPROM (Electrically Erasable Program), and an interface such as an EEPROM (Electrical Processing Unit). Yes, the function of the OLT 10 is realized by the CPU executing the program stored in the ROM.

The external IF 170 is an interface for connecting the OLT 10 and the management device 60. The external IF 170 is connected to the processing unit 160. The external IF 170 receives information such as the operating state of the OLT 10 held by the OLT 10 and the communication speed of uplink / downlink data in the optical communication system 1 from the processing unit 160, and transmits this to the management device 60. Further, the external IF 170 receives the control data from the management device 60 and gives it to the processing unit 160.

FIG. 3 is a functional block diagram of the processing unit 160 in the OLT 10 of the first embodiment.

In FIG. 3, the processing unit 160 includes an authentication unit 1610, a calculation unit 1620, and a storage unit 1630. In FIG. 3, the authentication unit 1610, the calculation unit 1620, and the storage unit 1630 are connected by a bus line 1640.

The authentication unit 1610 performs the authentication process of the ONU 20 based on the authentication password received from the ONU 20 and the authentication password of the ONU 20 stored in advance in the storage unit 1630. The details of the operation of the authentication unit 1610 will be described later.

The calculation unit 1620 performs a calculation based on the calculation function received from the ONU 20 and the calculation password associated with the ONU 20 stored in advance in the storage unit 1630. Here, the arithmetic function derives a unique value (calculation result) when a predetermined value is assigned. In this embodiment, the type of the operation function is not limited, but it is preferable to use a function such as a one-way function having a property that it is difficult to back-calculate the value assigned from the operation result. The calculation unit 1620 substitutes the calculation password stored in the storage unit 1630 into the calculation function received from the ONU 20, and obtains the calculation result. In this embodiment, the ONU 20 may hold the arithmetic function in advance, and the arithmetic function may be stored in the storage unit 1630, for example.

The storage unit 1630 stores the MAC address of the ONU 20, the authentication password associated with the MAC address, and the calculation password. The storage unit 1630 is realized by a storage device such as the EEPROM described above as an example. As shown in FIG. 3, the storage unit 1630 has n tables 1631 (1631-11631-n, n is 1) in which the MAC addresses of each of the n ONU20s, the authentication password, and the calculation password are associated with each other. The above integer is equal to the number of ONU 20 in the optical communication system 1). The authentication password and the calculation password stored for each of the n ONU 20s are also stored in the ONU 20 having the corresponding MAC address. The authentication password and the calculation password are used for the operation of the authentication unit 1610 and the calculation unit 1620, and the details will be described later. In this embodiment, the arithmetic function may be stored in the storage unit 1630 as described above.

The internal configuration of the OLT 10 in the first embodiment has been described above. Subsequently, the internal configuration of the ONU 20 in the first embodiment will be described.

(A-1-3) Internal Configuration of ONU 20 FIG. 4 is a configuration diagram showing an internal configuration of the ONU according to each embodiment of the present invention. In FIG. 2, the ONU 20 includes an optical reception unit 210, a reception processing unit 220, a UNI 230, a transmission processing unit 240, an optical transmission unit 250, and a processing unit 260.

The optical reception unit 210 receives an optical signal from the OLT 10 via the optical fiber trunk line 40, the optical splitter 30, and the optical fiber branch line 50, converts the optical signal into an electric signal, and gives the optical signal to the reception processing unit 220.

The reception processing unit 220 performs reception processing such as serial-parallel conversion and error correction on the signal given from the optical reception unit 210 under the control of the processing unit 260. The signal received and processed by the reception processing unit 220 includes information transmitted from the upper network 100 to the user terminal 70, authentication permission notification received from the OLT 10, and calculation result information. The details of the authentication permission notification and the calculation result information will be described later.

The UNI (User Network Interface) 230 is an interface for connecting the ONU 20 and the user terminal 70. For example, an existing Ethernet (registered trademark) interface can be applied as the UNI 230, and the ONU 20 and the user terminal 70 are connected using a wired LAN, a wireless LAN, or the like. The UNI 230 receives a signal addressed to the user terminal 70 from the reception processing unit 220 and transmits the signal to the user terminal 70, or gives the signal received from the user terminal 70 to the transmission processing unit 240.

Under the control of the processing unit 260, the transmission processing unit 240 performs transmission processing such as coding, error correction, serial / parallel conversion, etc. on the signal given from the user terminal 70 and the signal given from the processing unit 260. Do. The signal to be transmitted by the transmission processing unit 240 includes information from the user terminal 70 to the upper network 100, an authentication password from the processing unit 260 to the OLT 10, and an arithmetic function.

The optical transmission unit 250 receives an electric signal from the transmission processing unit 240, converts the electric signal into an optical signal, and transmits the electric signal to the optical fiber branch line 50.

The processing unit 260 controls the function on the ONU20 side for the ONU20 to confirm the validity of the OLT 10 in the present invention. The processing unit 260 has, for example, a CPU, a ROM, a RAM, an EEPROM, an input / output interface, and the like, and the function of the ONU 20 is realized by the CPU executing a program stored in the ROM.

FIG. 5 is a functional block diagram of the processing unit 260 in the ONU 20 of the first embodiment.

In FIG. 5, the processing unit 260 includes a request unit 2610, a calculation unit 2620, a determination unit 2630, an authentication password generation unit 2640, and a storage unit 2650. In FIG. 5, the authentication unit 2610, the calculation unit 2620, the determination unit 2630, the authentication password generation unit 2640, and the storage unit 2650 are connected by a bus line 2660.

The requesting unit 2610 requests the OLT 10 to perform an authentication request for the ONU 20 using the authentication password transmitted from the ONU 20 to the OLT 10 and the authentication password stored in the OLT 10. Further, the request unit 2610 requests the OLT 10 to execute the operation using the operation function and to respond to the operation result. If the operation of the OLT 10 is specified in advance so that the OLT 10 authenticates the ONU 20 when the OLT 10 receives the authentication password from the ONU 20, the transmission of the ONU 20 authentication request by the request unit 2610 may be omitted.

The calculation unit 2620 executes a calculation based on the calculation function notified to the OLT 10 in response to the request by the request unit 2610 and the calculation password stored in advance in the storage unit 2650. The calculation performed by the calculation unit 2620 of the ONU 20 is the same as the calculation performed by the calculation unit 1620 of the OLT 10 described above. That is, the calculation unit 2620 substitutes the calculation password stored in the storage unit 2650 into the calculation function notified to the OLT 10 to obtain the calculation result.

The determination unit 2630 compares the calculation result received from the OLT 10 with the calculation result by the calculation unit 2620. The determination unit 2630 determines that it is true when both calculation results match, and determines that it is false if they do not match. When the determination unit 2630 makes a true determination, the determination unit 2630 notifies the authentication password generation unit 2640 of the determination result. The determination unit 2630 determines that the operation result received from the OLT 10 is true if it matches the operation result expected by the determination unit 2630, and the operation result received from the OLT 10 is inconsistent with the operation result expected by the determination unit 2630. For example, it may be determined to be false. For example, it is assumed that the calculation result B of the OLT 10 is expected from the calculation result A by the calculation unit 2620, and it may be determined whether or not the calculation result actually received from the OLT 10 is the expected calculation result B.

When the authentication password generation unit 2640 receives a true determination result from the determination unit 2630, the authentication password generation unit 2640 generates a new authentication password (hereinafter referred to as a new authentication password) different from the authentication password stored in the storage unit 2650. To do. As a method of generating a new authentication password, a predetermined value (x) represented by a decimal number, a hexadecimal number, a binary number, or the like is substituted into a predetermined one-way function such as a hash function (h [x]). The calculation result (h [x]) of the hash function may be used as a new authentication password. Further, the authentication password generation unit 2640 may be provided with a random number generator (not shown) to generate a random number, and this random number may be used as a new authentication password.

The storage unit 2650 stores the MAC address of the ONU 20, the authentication password associated with the MAC address, and the calculation password. The storage unit 2650 is realized by a storage device such as the EEPROM described above as an example. As shown in FIG. 5, the storage unit 2650 holds a table 2651 in which the MAC address of the ONU 20 itself, the authentication password, and the calculation password are associated with each other. The authentication password and the calculation password stored in the storage unit 2650 of the ONU 20 are also stored in the storage unit 1630 of the OLT 10. The authentication password and the calculation password are used for the operation by the request unit 2610 and the calculation unit 2620, and the details will be described later.

(A-2) Communication Sequence of First Embodiment Next, the operation in the optical communication system according to the first embodiment will be described in detail with reference to the drawings.

(A-2-1) Initial authentication between OLT and ONU FIG. 6 shows a sequence diagram showing communication exchanges at the time of initial connection between OLT and ONU in the first embodiment, and storage units of OLT and ONU, respectively. It is a figure which shows the state.

When the OLT 10 and the ONU 20 are connected for the first time, the storage unit 2650 of the ONU 20 holds its own MAC address "MAC1" and the authentication password "Local" in the first connection in the table 2651, and does not hold the calculation password. (61 in FIG. 6). Further, the storage unit 1630 of the OLT 10 holds the MAC address "MAC1" of the ONU20 and the authentication password "Local" in the initial connection in the table 1631 corresponding to the MAC address "MAC1" of the ONU20, and holds the password for calculation. It is assumed that there is no password (62 in FIG. 6). When the OLT10 and the ONU20 are connected for the first time, for example, the person in charge of the line construction site stores the MAC address "MAC1" of the ONU20 in the OLT10, and gives both the OLT10 and the ONU20 the authentication password "Local" for the first connection. You may set it.

When the OLT 10 and the ONU 20 are connected via the optical fiber trunk line 40, the optical fiber branch line 50, and the optical splitter 30 and the optical signal can be transmitted and received, the P2MP Discovery process is executed between the OLT 10 and the ONU 20 (S101). The OLT 10 detects the ONU 20 by the P2MP Discovery process, and assigns the detected ONU 20 an LLID for identifying n ONUs (ONU20-1 to ONU20-n in FIG. 1) in the optical communication system 1. As described above, the LLID is embedded in the downlink signal transmitted from the OLT 10 to the ONU 20. As a result, the ONU 20 can select and capture the downlink signal addressed to the ONU 20 itself from the downlink signal received from the OLT 10. In addition, the round-trip transmission time (RTT: Round Trip Time) of signal transmission between the OLT 10 and the ONU 20 is measured by the P2MP Discovery process. Further, the OLT 10 and the ONU 20 are internally provided with counters (not shown) for time synchronization, and both the counters of the OLT 10 and the ONU 20 count with different values by the measured RTT. As a result, time synchronization is performed between the OLT 10 and the ONU 20. In this way, a communication link for performing communication after S101 is provided between the OLT 10 and the ONU 20.

The OAM Discovery process is then executed between the OLT 10 and the ONU 20 (S102). The OLT 10 grasps the correspondence status of the OAM function (maintenance management function) in the ONU 20 by the OAM Discovery process.

Next, the ONU 20 transmits its own MAC address "MAC1" and the authentication password "Local" to the OLT 10, and also transmits an authentication request using this authentication password to the OLT 10 (S103). As described above, if the operation of the OLT 10 is specified in advance to authenticate the ONU 20 when the OLT 10 receives the authentication password from the ONU 20, the ONU 20 transmits at least its own MAC address and the authentication password to the OLT 10. However, the transmission of the authentication request by the ONU 20 may be omitted.

When the OLT 10 receives the MAC address, the authentication password, and the authentication request from the ONU 20, the table corresponding to the MAC address "MAC1" received from the ONU 20 from the tables 1631 to 1631-n of the storage unit 1630 (FIG. 6). 62) is specified. Then, it is determined whether or not the authentication password held in the table and the authentication password received from the ONU 20 match. In 62 of FIG. 6, the authentication password “Local” held by the OLT 10 matches the authentication password “Local” received from the ONU 20. The OLT 10 transmits an authentication permission notification to the ONU 20 (S104). If the operation of the OLT 10 is specified in advance to authenticate the ONU 20 when the authentication password is received from the ONU 20, the OLT 10 performs the above authentication process even if the authentication request is not received from the ONU 20. You may.

When the ONU 20 receives the authentication permission notification from the OLT 10, the authentication password generation unit 2640 generates a new authentication password "A" and notifies the OLT 10 of this (S105). In generating the new authentication password "A", for example, a hash function may be used as described above. Specifically, the calculation result h [T] in which the time T when the ONU 20 receives the authentication permission notification in S104 is substituted into the hash function h [x] may be used as the new authentication password “A”. Further, the calculation result h [Local] in which the authentication password “Local” stored in the storage unit 2650 by the ONU 20 is substituted into the hash function h [x] may be used as the new authentication password “A”. Further, the calculation result h [MAC1] in which the MAC address “MAC1” of the ONU 20 is substituted into the hash function h [x] may be used as the new authentication password “A”. When the new authentication password "A" is generated by using the hash function h [x], the value x assigned to the hash function h [x] is not limited to the above example. Further, for example, as described above, the authentication password generation unit 2640 may be provided with a random number generator (not shown), and the generated random number may be used as the new authentication password "A". The ONU 20 notifies the OLT 10 of the new authentication password "A" in S105, replaces the authentication password "Local" stored in the storage unit 2650 with the new authentication password "A", and sends the old authentication to the OLT 10 in S103. The password for calculation (“Local” in 61 in FIG. 6) is retained as the password for calculation (63 in FIG. 6). The process of replacing the authentication password stored in the storage unit 2650 and the process of holding the calculation password in the storage unit 2650 are executed by a control means (such as the CPU described above) included in the processing unit 260 (FIG. 4). To.

When the OLT 10 receives the new authentication password "A" from the ONU 20, the OLT 10 replaces the authentication password "Local" stored in the storage unit 1630 with the new authentication password "A", and at the same time, the old authentication password received from the ONU 20 in S103. The password (“Local” in 62 in FIG. 6) is retained as the password for calculation (64 in FIG. 6). The process of replacing the authentication password stored in the storage unit 1630 and the process of holding the calculation password in the storage unit 1630 are executed by a control means (such as the CPU described above) included in the processing unit 160 (FIG. 2). To. Then, the OLT 10 notifies the ONU 20 that the change of the new authentication password and the calculation password has been completed (S106).

When the ONU 20 receives the notification by S106 from the OLT 10, the authentication sequence at the time of the first connection ends. In S106 and later, the OLT 10 allocates a band to the ONU 20 by the DBA (Dynamic Bandwidth Allocatin) function as in the conventional optical communication system, and the ONU 20 communicates according to the band and the transmission timing specified by the OLT 10.

The ONU20 may transmit the authentication password, the authentication request, and the new authentication password by generating and transmitting a frame based on, for example, an extended OAM frame defined by IEEE802.3ah. The authentication permission notification and the password retention completion notification by the OLT 10 may also be transmitted by generating a frame based on the extended OAM frame defined by, for example, IEEE802.3ah. Further, the rule for changing the calculation password in the OLT 10 and the ONU 20, that is, holding the old authentication password (“Local” in 62 in FIG. 6) as the calculation password in the first embodiment is held between the OLT 10 and the ONU 20. You may share it in advance with. For example, a rule for changing the calculation password may be incorporated into the firmware of the OLT 10 and the ONU 20 according to the present embodiment at the manufacturing stage. Further, for example, in the communication at the time of the first connection between the OLT and the ONU shown in FIG. 6, the ONU 20 may notify the OLT 10 of the calculation password change rule at an arbitrary timing (for example, together with S105).

(A-2-2) Authentication at the time of reconnection of OLT and ONU Then, referring to FIG. 7, after the connection (communication link) between OLT 10 and ONU 20 was disconnected, the OLT 10 and ONU 20 were reconnected. The case (when the communication link is restored) authentication will be described. FIG. 7 is a sequence diagram showing communication exchanges at the time of reconnection between the OLT and the ONU in the first embodiment, and a diagram showing the states of the storage units of the OLT and the ONU, respectively.

As shown in FIG. 6, after S106 at the time of the first connection, the OLT 10 and the ONU 20 commonly hold the authentication password "A" and the calculation password "Local". In FIG. 7, in a state where both the OLT 10 and the ONU 20 hold the authentication password “A” and the calculation password “Local”, a failure occurs in the OLT or the ONU itself, or in the communication section connecting the OLT and the ONU, and the ONU 20 and the OLT 10 It shows the case where the connection with is disconnected and the ONU 20 is reconnected to the same OLT 10 as before the disconnection.

When the OLT 10 and the ONU 20 are reconnected via the optical fiber trunk line 40, the optical fiber branch line 50, and the optical splitter 30 to enable transmission and reception of optical signals, a P2MP Discovery process is performed between the OLT 10 and the ONU 20 (S201), and the OLT 10 and the ONU 20 are reconnected via the optical fiber trunk line 40, the optical fiber branch line 50, and the optical splitter 30. The OAM Splitry process is executed (S202).

Next, the ONU 20 transmits its own MAC address "MAC1" and the authentication password "A" to the OLT 10, and also transmits an authentication request using this authentication password to the OLT 10 (S203).

When the OLT 10 receives the MAC address, the authentication password, and the authentication request from the ONU 20, the table corresponding to the MAC address "MAC1" received from the ONU 20 in the tables 1631 to 1631-n of the storage unit 1630 (FIG. 7). 72) is identified. Then, it is determined whether or not the authentication password held in the table and the authentication password received from the ONU 20 match. In 72 of FIG. 7, the authentication password “A” held by the OLT 10 matches the authentication password “A” received from the ONU 20. The OLT 10 transmits an authentication permission notification to the ONU 20 (S204).

Upon receiving the authentication permission notification from the OLT 10, the ONU 20 transmits a predetermined calculation function to the OLT 10, performs a calculation using the calculation password and the calculation function held by the OLT 10, and returns a request (calculation result). The response request) is transmitted to the OLT 10 (S205). Further, the ONU 20 performs an calculation using the calculation function transmitted to the OLT 10 by the calculation unit 2620 and the calculation password held in the storage unit 2650 of the ONU 20, and holds the calculation result.

When the OLT 10 receives the calculation function and the calculation result response request from the ONU 20, the calculation unit 1620 performs the calculation using the calculation function and the calculation password stored in the storage unit 1630. The OLT 10 transmits the calculation result to the ONU 20 (S206).

When the ONU 20 receives the calculation result from the OLT 10, the determination unit 2630 determines whether or not the calculation result received from the OLT 10 and the calculation result by the calculation unit 2620 of the ONU 20 match. The calculation password held by the ONU 20 in 71 of FIG. 7 is “Local”, and the calculation password held by the OLT 10 in 72 of FIG. 7 is also “Local”. Therefore, since the calculation results of both ONU20 and OLT10 match, the determination unit 2630 determines that it is true. If the determination result of the determination unit is true, the ONU 20 generates a new authentication password "B" by the authentication password generation unit 2640 and notifies the OLT 10 of this (S207). The new authentication password "B" may be generated by using the hash function h [x] as in the case of the first authentication between the OLT and the ONU (FIG. 6). Specifically, the calculation result h [T] in which the time T when the ONU 20 receives the calculation result response in S206 is substituted into the hash function h [x] may be used as the new authentication password “B”. Further, the calculation result h [A] in which the authentication password “A” stored in the storage unit 2650 by the ONU 20 is substituted into the hash function h [x] may be used as the new authentication password “B”. Further, for example, as described above, the authentication password generation unit 2640 may be provided with a random number generator (not shown), and the generated random number may be used as the new authentication password "B". When the new authentication password "B" is generated by using the hash function, the value x assigned to the hash function h [x] is not limited to the above example. The ONU 20 notifies the OLT 10 of the new authentication password "B" in S207, replaces the authentication password "A" stored in the storage unit 2650 with the new authentication password "B", and notifies the OLT 10 in the old authentication in S203. The password for calculation (“A” in 71 in FIG. 7) is retained as the password for calculation (73 in FIG. 7). The old calculation password (“Local” in 71 of FIG. 7) is discarded.

When the OLT 10 receives the new authentication password "B" from the ONU 20, it replaces the authentication password "A" stored in the storage unit 1630 with the new authentication password "B", and at the same time, the old authentication password received from the ONU in S203. The password (“A” in 72 of FIG. 7) is retained as the calculation password (74 of FIG. 7). The old calculation password (“Local” in 72 of FIG. 7) is discarded. Then, the OLT 10 notifies the ONU 20 that the change of the new authentication password and the calculation password has been completed (S208).

When the ONU 20 receives the notification from the OLT 10 in S208, the authentication sequence at the time of reconnection ends. In S208 and later, the OLT 10 allocates a band to the ONU 20 by the DBA function as in the conventional optical communication system, and the ONU 20 communicates according to the band and the transmission timing specified by the OLT 10.

The ONU 20 may transmit the calculation function and the calculation result response request by generating and transmitting a frame based on the extended OAM frame defined by, for example, IEEE802.3ah. In the transmission of the calculation result response by the OLT 10, for example, a frame may be generated and transmitted based on the extended OAM frame defined by IEEE802.3ah.

(A-2-3) When the ONU and the illegal OLT are connected Subsequently, after the connection (communication link) between the OLT 10 and the ONU 20 is disconnected, the opposite device to which the ONU 20 tries to reconnect becomes the illegal OLT. The sequence when it becomes is explained. FIG. 8 is a configuration diagram showing an example of a connection configuration when an unauthorized OLT is connected in the optical communication system according to each embodiment (including the first embodiment) of the present invention. FIG. 9 is a sequence diagram showing communication exchanges when an unauthorized OLT and an ONU are connected in the first embodiment, and a diagram showing a state of each storage unit of the unauthorized OLT and the ONU.

In FIG. 8, after the connection between the OLT 10 and the ONU 20 is disconnected, the optical fiber trunk line 40 connecting the OLT 10 and the optical splitter 30 is disconnected, and the physical connection between the OLT 10 optical and the splitter 30 is lost, and instead, the physical connection between the OLT 10 optical and the splitter 30 is lost. It shows how the rogue OLT 80 is connected to the optical splitter 30 using the optical fiber 41. The fraudulent OLT here is a device that unconditionally notifies the authentication permission regardless of the MAC address and the authentication password to be connected, and attempts to suck up the data transmitted from the ONU 20. It is assumed that the OLT 10 in the optical communication system 1 is modified by, for example, an unauthorized program to replace the unauthorized OLT80 (not shown), but the communication sequence between the ONU 20 and the unauthorized OLT80 in that case is also described below. Similar to what is described.

In FIG. 9, it is assumed that the authentication sequence at the time of initial connection between the OLT 10 and the ONU 20 shown in FIG. 6 is completed, and the ONU 20 holds the authentication password “A” and the calculation password “Local” (91 in FIG. 9). ). Further, the fraudulent OLT80 does not hold the authentication password and the calculation password corresponding to the MAC address "MAC1" of the ONU20, and the fraudulent OLT80 holds the fraudulent authentication password "X1" and the fraudulent calculation password "X2". (92 in FIG. 9).

When the rogue OLT80 and ONU20 are connected via the optical fiber trunk line 40, the optical fiber branch line 50, and the optical splitter 30 and optical signals can be transmitted and received, a P2MP Discovery process is performed between the rogue OLT80 and ONU20 (S301). In addition, the OAM Discovery process is executed (S302).

The ONU 20 transmits its own MAC address "MAC1" and an authentication password "A" to the unauthorized OLT80, and also transmits an authentication request using this authentication password to the unauthorized OLT80 (S303).

The fraudulent OLT80 unconditionally transmits the authentication permission to the ONU20 regardless of the MAC address and the authentication password to be connected to the ONU20. Therefore, the unauthorized OLT80 transmits an authentication permission notification to the ONU20 regardless of the MAC address and the authentication password received from the ONU10 in the S303 (S304).

When the ONU 20 receives the authentication permission notification from the fraudulent OLT80 (however, at this point, the ONU20 has not yet determined that the opposite device is the fraudulent OLT80), the ONU20 transmits a predetermined arithmetic function to the fraudulent OLT80 and is valid. A request for returning a calculation result (calculation result response request) by performing a calculation using the calculation password and the calculation function to be held by the OLT 10 is transmitted to the invalid OLT 80 (S305). Further, the ONU 20 performs an calculation using the calculation function transmitted to the illegal OLT 80 by the calculation unit 2620 and the calculation password held in the storage unit 2650 of the ONU 20, and holds the calculation result.

The fraudulent OLT80 does not hold the calculation password that the legitimate OLT10 should hold, that is, the calculation password "Local" in 64 of FIG. Therefore, the calculation result of the calculation function in the invalid OLT80 does not match the calculation result when the legitimate OLT10 performs the calculation (in other words, the invalid OLT80 derives the invalid calculation result). As a result, the invalid OLT 80 transmits an invalid calculation result to the ONU 10 (S306).

When the ONU 20 receives the calculation result from the invalid OLT80, the determination unit 2630 determines whether or not the calculation result by the received invalid OLT80 and the calculation result by the calculation unit 2620 of the ONU 20 match. In 91 of FIG. 9, the calculation password held by the ONU 20 is "Local", whereas in 92 of FIG. 9, the calculation password held by the illegal OLT 80 is "X2". Therefore, since the calculation results of the ONU 20 and the invalid OLT 80 do not match, the determination unit 2630 determines that the result is false. In response to the determination by the determination unit 2630 as false, the ONU 20 determines that the user terminal 70 connected to the ONU 20 determines that the opposite device connected to the ONU 20 itself is an illegal OLT80 (in other words, an illegal OLT80 is detected). Notify (S307).

The ONU 20 may send a detection notification (S307) of the fraudulent OLT80 by transmitting information (for example, an error code or the like) indicating that the fraudulent OLT80 has been detected to the user terminal 70. Further, the ONU 20 may transmit information to the user terminal 70 to display a notification screen indicating that an illegal OLT80 has been detected on the screen of the user terminal 70. The notification screen may display an icon or a message in the notification area of the user terminal 70 defined by the OS (Operating System) installed in the user terminal 70, for example, the Web provided in the user terminal 70. The browser may display an HTML (HyperText Markup Language) format screen.

When the ONU 20 notifies the user terminal 70 of the detection of the fraudulent OLT80, the communication sequence between the fraudulent OLT80 and the ONU20 ends. In S307 and later, the processing unit 260 of the ONU 20 causes the storage unit 2650 to hold the identifier (for example, MAC address or IP address) of the invalid OLT80, and the ONU20 communicates with the unauthorized OLT80 having the identifier, that is, to the unauthorized OLT80. The signal transmission and the signal reception from the illegal OLT80 may be prevented, and the communication with the illegal OLT80 may be cut off.

As described above, according to the communication sequence shown in FIG. 9, the ONU 20 can determine that the opposite device connected to the ONU 20 itself is an illegal OLT80, and can notify the user terminal 70 of the determination result.

Even if the connection between the ONU 20 and the OLT 10 is disconnected again after the reconnection sequence between the ONU 20 and the OLT 10 shown in FIG. 7 is completed and the OLT 10 is replaced with the invalid OLT 80 at the time of reconnection, the ONU 20 detects the invalid OLT 80. The sequence is the same as in FIG. 9, except that the authentication password held by the ONU 20 and the calculation password are different.

(A-2-4) When the OLT and the illegal ONU are connected Then, referring to FIG. 10, the illegal ONU is connected to the OLT 10 after the connection (communication link) between the OLT 10 and the ONU 20 is disconnected. The sequence when trying to explain will be described. FIG. 10 is a sequence diagram showing communication exchange when the OLT and the illegal ONU are connected in the first embodiment, and a diagram showing the state of each storage unit of the OLT and the illegal ONU.

Here, the illegal ONU is a device that holds the MAC address of the legitimate ONU leaked for some reason. The fraudulent ONU 90 in FIG. 10 holds a legitimate MAC address of the ONU 20, impersonates the ONU 20 and connects to the OLT 10 to illegally use the optical communication system 1.

In FIG. 10, it is assumed that the authentication sequence at the time of initial connection between the OLT 10 and the ONU 20 shown in FIG. 6 is completed, and the OLT holds the authentication password “A” and the calculation password “Local” (102 in FIG. 10). ). Further, it is assumed that the fraudulent ONU 90 holds the MAC address "MAC1" of the ONU 20 and holds the fraudulent authentication password "X3" (101 in FIG. 10).

When the OLT 10 and the illegal ONU 90 are connected via the optical fiber trunk line 40, the optical fiber branch line 50, and the optical splitter 30 and the optical signal can be transmitted and received, the P2MP Discovery process is performed between the OLT 10 and the illegal ONU 90 (S301). In addition, the OAM Discovery process is executed (S302).

The unauthorized ONU 90 transmits a MAC address "MAC1" imitating the ONU 20 and an unauthorized authentication password "X1" to the OLT 10, and also transmits an authentication request using the authentication password to the OLT 10 (S403).

When the OLT 10 receives the authentication password and the authentication request from the fraudulent ONU90 (however, at this point, the OLT10 has not yet determined that the opposite device is the fraudulent ONU90), the table 1631-1 to 1631- of the storage unit 1630. Among n, the table (102 in FIG. 10) corresponding to the MAC address “MAC1” received from the illegal ONU 90 is specified. Then, it is determined whether or not the authentication password held in the table and the authentication password received from the unauthorized ONU 20 match. In 102 of FIG. 10, the authentication password held by the OLT 10 is “A”, which does not match the authentication password “X1” received from the unauthorized ONU 90. The OLT 10 does not send an authentication permission notification to the fraudulent ONU 90, but notifies the management device 60 that the opposite device connected to the OLT 10 itself is determined to be the fraudulent ONU 90 (in other words, the fraudulent ONU 90 is detected) (S404).

The OLT 10 may send a detection notification (S404) of the fraudulent ONU 90 by transmitting information (for example, an error code) indicating that the fraudulent ONU 90 has been detected to the management device 60. Further, the OLT 10 may transmit information to the management device 60 to display a notification screen indicating that an unauthorized ONU 90 has been detected on the screen of the management device 60. For example, if the management device 60 uses a personal computer, the notification screen displays an icon or a message in the notification area of the user terminal 70 defined by the OS installed in the management device 60. May be good. Further, if the management device 60 has a dedicated management software installed on the personal computer, an icon or a message may be displayed on the management screen defined by the management software.

When the OLT 10 notifies the management device 60 of the detection of the illegal ONU 90, the communication sequence between the OLT 10 and the illegal ONU 90 ends. In S404 and later, the processing unit 160 of the OLT 10 stores the identifier (for example, MAC address and IP address) of the illegal ONU 90 in the storage unit 1630, and the OLT 10 communicates with the illegal ONU 90 having the identifier, that is, to the illegal ONU 90. The signal transmission and the signal reception from the unauthorized ONU 90 may be prevented, and the communication with the unauthorized ONU 90 may be cut off.

As described above, according to the communication sequence shown in FIG. 10, the OLT 10 can determine that the opposite device connected to the OLT 10 itself is an unauthorized ONU 90, and notify the management device 60 of the determination result.

Even if the connection between the ONU 20 and the OLT 10 is disconnected again after the reconnection sequence between the ONU 20 and the OLT 10 shown in FIG. 7 is completed and the unauthorized ONU 90 tries to connect to the OLT 10 instead of the ONU 20 at the time of reconnection, the OLT 10 The sequence for detecting an illegal ONU 90 is the same as that in FIG. 10, except that the authentication password held by the OLT 10 and the calculation password are different.

(A-3) Operation of First Embodiment Next, the operation flow of the ONU and OLT for realizing each communication sequence of the first embodiment described above will be described with reference to the drawings.

(A-3-1) Operation Flow of ONU of the First Embodiment FIG. 11 is a flowchart showing the operation flow of the ONU of the first embodiment. In the communication sequences shown in FIGS. 6, 7, and 9 described above, the operation of the ONU 20 is represented by the flowchart shown in FIG.

The ONU 20 executes a P2MP Discovery process and an OAM Discovery process with the OLT 10 (S501). This corresponds to S101 and S102 in FIG. 6, S201 and S202 in FIG. 7, and S301 and S302 in FIG.

The ONU 20 then requests the OLT 10 to authenticate (S502). This authentication request includes the MAC address of ONU20 and the authentication password stored in ONU20. The request for authentication is made by the requesting unit 2610 (FIG. 5). The operation of S502 corresponds to S103 of FIG. 6, S203 of FIG. 7, and S303 of FIG.

Next, the ONU 20 determines whether or not the authentication permission notification has been received from the OLT 10 (S503). When the authentication permission notification is received from the OLT 10, the process proceeds to S504. If the authentication permission notification is not received from the OLT 10, the process proceeds to S504 when the authentication permission notification is received from the OLT 10.

When the ONU 20 receives the authentication permission notification from the OLT 10, it determines whether or not the calculation password is held in the storage unit 2650 of the ONU 20 at the time of reception (S504). The state in which the storage unit 2650 holds the calculation password corresponds to the state at the time of reconnection shown in 71 of FIG. 7 or 91 of FIG. 9, and the process proceeds to S505. The state in which the storage unit 2650 does not hold the calculation password corresponds to the state at the time of the first authentication shown in 61 of FIG. 6, and the process proceeds to S509.

The ONU 20 transmits an arithmetic function to the OLT 10 and requests the OLT 10 to respond to the arithmetic result (S505). The response request of the calculation result is made by the request unit 2610 (FIG. 5). The operation of S505 corresponds to S205 of FIG. 7 and S305 of FIG.

Further, the ONU 20 performs an calculation based on the calculation function transmitted to the OLT 10 and the calculation password stored in the storage unit 2650, and holds the calculation result (S506). The calculation is performed by the calculation unit 2620 (FIG. 5).

The ONU 20 determines whether or not the calculation result has been received from the OLT 10 (S507). When the calculation result is received from the OLT 10, the process proceeds to S508. When the calculation result is not received from the OLT 10, the process waits until the calculation result is received, and when the calculation result is received from the OLT 10, the process proceeds to S508.

The ONU 20 determines whether or not the calculation result received from the OLT 10 and the calculation result by the ONU 20 itself match (S508). The determination of the calculation result is performed by the determination unit 2630 (FIG. 5). If the calculation results of both the OLT 10 and the ONU 20 match, the process proceeds to S509. If the determination in S508 is affirmative, it means that the OLT to be reconnected is the OLT 10 that was connected to the ONU 20 before the connection was disconnected, as shown in FIG. If the calculation results of both the OLT 10 and the ONU 20 do not match, the process proceeds to S511. Note that the negative determination in S508 means that the reconnection destination OLT is not the OLT that was connected to the ONU20 before the connection was disconnected, as shown in FIG. 9, but the invalid OLT (illegal in FIGS. 8 and 9). It means that it is OLT80).

ONU20 generates a new authentication password (S509). The new authentication password is generated by the authentication password generation unit 2640 (FIG. 5). Here, the new authentication password generated in S509 via S508 corresponds to the authentication password "B" in 73 of FIG. 7. When the determination is denied in S504 and the process proceeds to S509, the new authentication password generated in S509 corresponds to the authentication password "A" in 63 of FIG.

The ONU 20 notifies the OLT 10 of the generated new authentication password, updates the storage unit 2650, replaces the authentication password with the new calculation password, and retains the old authentication password as the calculation password (S510). The notification of the new authentication password in S510 corresponds to S105 in FIG. 6 and S207 in FIG. 7. The update of the storage unit 2650 performed in S510 via S508 and S509 corresponds to holding the authentication password "B" and the calculation password "A" in 73 of FIG. 7. When the determination is denied in S504 and the process proceeds to S509 and then to S510, the update of the storage unit 2650 performed in S510 holds the authentication password "A" in 63 of FIG. 6 and the calculation password. Corresponds to holding "Local". When the process of S510 is completed, the operation of ONU 20 shown in FIG. 11 is completed.

When the determination is denied in S508 and the process proceeds to S511, the ONU 20 notifies the user terminal 70 that the illegal OLT80 has been detected (S511). After S511, the ONU 20 prevents communication with the unauthorized OLT80, that is, transmission of a signal to the unauthorized OLT80 and reception of a signal from the unauthorized OLT80, and blocks communication with the unauthorized OLT80 as described above. May be good. When the process of S511 is completed, the operation of ONU 20 shown in FIG. 11 is completed.

(A-3-2) Operation Flow of OLT of the First Embodiment FIG. 12 is a flowchart showing the operation flow of the OLT of the first embodiment. In the communication sequences shown in FIGS. 6, 7, and 10 described above, the operation of the OLT 10 is represented by the flowchart shown in FIG.

The OLT 10 executes a P2MP Discovery process and an OAM Discovery process with the OLT 20 (S601). This corresponds to S101 and S102 in FIG. 6, S201 and S202 in FIG. 7, and S401 and S402 in FIG.

Next, the OLT 10 determines whether or not an authentication request has been received from the ONU 20 (S602). When the authentication request is received from the ONU 20, the process proceeds to S603. When the authentication request is not received from the ONU 20, the process waits until the old authentication is received, and when the authentication request is received from the ONU 20, the process proceeds to S603.

When the OLT 10 receives the authentication request, it determines whether or not the authentication password included in the authentication request received from the ONU 20 matches the authentication password associated with the MAC address of the ONU 10 stored in the OLT 10 (S603). ). This determination is made by the authentication unit 1610 (FIG. 3). If the authentication password received from the ONU 20 and the authentication password stored in the OLT 10 match, the process proceeds to S604. If the determination in S604 is affirmative, it means that the ONU attempting to connect to the OLT is a legitimate ONU as shown in FIG. 6 or FIG. If the authentication password received from the ONU 20 and the authentication password stored in the OLT 10 do not match, the process proceeds to S610. If the determination in S603 is negative, it means that the ONU trying to connect to the OLT is not a legitimate ONU but an illegal ONU (illegal ONU 90 in FIG. 10) as shown in FIG.

The OLT 10 transmits an authentication permission notification to the ONU 20 (S604). This corresponds to S104 in FIG. 6 and S204 in FIG. 7.

After transmitting the authentication permission notification to the ONU 20, the OLT 10 determines whether or not a predetermined calculation function and a response request for the calculation result have been received from the ONU 20 (S605). If the operation function and the response request of the operation result are received from the ONU 20, the process proceeds to S606, and if not received, the process proceeds to S607. When the determination of S605 is affirmed and the process proceeds to S606, this corresponds to the fact that the OLT 10 and the ONU 20 are reconnected as shown in FIG. 7, and the ONU 20 is trying to confirm the validity of the OLT 10.

The OLT 10 performs an operation based on the operation function received from the ONU 20 and the response request of the operation result, and transmits the operation result to the ONU 20 (S606). This calculation is performed by the calculation unit 1620, and the calculation unit 1620 performs the calculation using the calculation function and the calculation password associated with the ONU 20 stored in the storage unit 1630. The notification of the calculation result corresponds to 206 in FIG. 7.

The OLT 10 determines whether or not a new authentication password has been received from the ONU 20 after transmitting the calculation result to the ONU 20 (S607). If the new authentication password is received from ONU20, the process proceeds to S608. If not received, the process waits until the new authentication password is received, and if the new authentication password is received from ONU20, the process proceeds to S608. When the determination of S605 is denied and the process proceeds to S607, and then the OLT10 receives the new authentication password from the ONU20 in the S607, this corresponds to the first connection between the OLT10 and the ONU20 as shown in FIG. ..

Based on the new authentication password received from the ONU 20, the OLT 10 replaces the authentication password stored in the storage unit 1630 with the new authentication password, and retains the old authentication password as the calculation password (S608). The update of the storage unit 1630 performed in S608 via S605, S606 and S607 corresponds to holding the authentication password "B" and holding the calculation password "A" in 74 of FIG. 7. When the determination is denied in S605 and the process proceeds to S607 and the new authentication password is received from ONU20 in S607, the authentication password "A" is retained in 64 of FIG. 6 and the calculation password "Local". Is equivalent to being retained.

When the update of the storage unit 1630 is completed, the OLT 10 notifies the ONU 20 of the completion of the change of the authentication password and the calculation password (S609). This corresponds to S106 in FIG. 6 and S208 in FIG. 7. When the processing of S609 is completed, the operation of the OLT 10 shown in FIG. 12 is completed.

When the determination is denied in S603 and the process proceeds to S610, the OLT 10 notifies the management device 60 that an illegal ONU 90 has been detected (S610). After S610, the OLT 10 prevents communication with the unauthorized ONU 90, that is, signal transmission to the unauthorized ONU 90 and signal reception from the unauthorized ONU 90, and blocks communication with the unauthorized ONU 90 after S610. May be good. When the processing of S610 is completed, the operation of the OLT 10 shown in FIG. 12 is completed.

In FIG. 12, after the OLT 10 sends the authentication permission notification to the ONU 20 in S604, if the operation function and the operation result response request are not received from the ONU 20 within a certain period of time in S605, the process proceeds to S610. May be good. Further, after the OLT 10 notifies the ONU 20 of the calculation result in S606, if the new authentication password is not received from the ONU 20 within a certain time in S607, the process may proceed to S610.

As described above, the ONU 10 operates based on the flowchart shown in FIG. 11, and the OLT 20 operates based on the flowchart shown in FIG. 12, so that between the ONU and the OLT shown in FIGS. 6, 7, 9, and 10. A communication sequence is realized.

(A-4) Effect of First Embodiment According to the first embodiment described above, when the OLT 10 and the ONU 20 are reconnected after the communication (communication link) between the OLT 10 and the ONU 20 is disconnected. , The ONU20 is authenticated by the OLT10, and the validity of the OLT10 is further confirmed by the ONU20. Therefore, even if the counter device to be reconnected by the ONU 20 is replaced by the fraudulent OLT80, the ONU 20 can determine that the counter device connected to the ONU 20 itself is the fraudulent OLT80. Therefore, it is possible to prevent the information transmitted by the ONU 20 from leaking to the unauthorized OLT80.

Further, every time the ONU 20 confirms the validity of the OLT 10, a new authentication password is generated, and the authentication password and the calculation password held by both the ONU 20 and the OLT 10 are updated. Therefore, even if a part of the passwords held by the OLT 10 and the ONU 20 is stolen by a third party, it is possible to make it difficult for the third party to realize an unauthorized device (illegal OLT or unauthorized ONU). For example, when the OLT 10 and ONU 20 shown in FIG. 7 are reconnected, a third party steals the calculation password "Local" (71 in FIG. 7), sets the stolen calculation password "Local" to an invalid OLT80, and then reconnects. Even if an illegal OLT80 is added to the optical communication system 1 at the time of connection, the calculation password used at the next reconnection is "A" (73 in FIG. 7), so the illegal OLT80 responds to the calculation request from the ONU 20. Cannot respond with a valid operation result. Therefore, the fraudulent OLT80 is detected by the ONU20.

Further, for example, when the OLT 10 and the ONU 20 shown in FIG. 7 are reconnected, a third party steals the authentication password "A" (71 in FIG. 7), sets the stolen authentication password "A" to the unauthorized ONU 90, and then sets the following. Even if an unauthorized ONU90 is added to the optical communication system 1 at the time of reconnection, the authentication password used at the next reconnection is "B" (73 in FIG. 7), so the unauthorized ONU90 performs a correct calculation for the OLT10. Cannot send password for. Therefore, the fraudulent OLT 90 is detected by the OLT 10.

(B) Second Embodiment Hereinafter, the second embodiment of the subscriber side termination device, the station side termination device, the communication system, the program of the subscriber side termination device, and the program of the station side termination device of the present invention will be shown in the drawings. Will be explained in detail with reference to.

In the first embodiment, the ONU 20 authenticates the OLT 10 based on the calculation result of the calculation function received from the OLT 10, generates a new authentication password, and notifies the OLT 10 of the new authentication password (S105 in FIG. 6, FIG. 7 S207). Further, when updating the authentication password and the calculation password stored in the storage unit 2650, the ONU 20 replaces the authentication password with the new authentication password and retains the old authentication password as the calculation password (63 in FIG. 6). , 73) in FIG. When updating the authentication password and the calculation password stored in the storage unit 1630, the OLT 10 also replaces the authentication password with the new authentication password and retains the old authentication password as the calculation password (64 in FIG. 6, 74 of FIG. 7).

On the other hand, in the second embodiment, the OLT 10b and the ONU 20b hold a common calculation password generation rule between the OLT 10b and the ONU 20b in the communication sequence at the time of the first connection. Further, the ONU 20b notifies the OLT 10b of information indicating an authentication password generation rule. Furthermore, when the ONU20b updates the authentication password and the calculation password stored in the storage unit, the authentication password is replaced with the new authentication password, and the new calculation password is used based on the calculation password generation rule common to the OLT 10b. Generate a password and replace the calculation password with the new calculation password. Further, the OLT 10b generates a new authentication password based on the information indicating the authentication password generation rule received from the ONU 20b. In addition, when updating the authentication password and the calculation password stored in the storage unit, the OLT 10b replaces the authentication password with the new authentication password and uses the new calculation password according to the calculation password generation rule common to the ONU20b. Generate and replace the calculation password with the new calculation password.

(B-1) Configuration of Second Embodiment The configuration and operation of the OLT 10b and ONU 20b according to the second embodiment will be described below, focusing on parts different from those of the first embodiment. ..

(B-1-1) Overall Configuration The overall configuration of the optical communication system 1b according to the second embodiment is the same as that of the optical communication system 1 according to the first embodiment shown in FIG. In FIG. 1, the OLT according to the second embodiment is shown as the OLT and the ONU, respectively, as the OLT 10b and the ONU 20b.

(B-1-2) Internal configuration of OLT10b The internal configuration of OLT10b is the same as that of OLT10 according to the first embodiment shown in FIG. However, the processing unit 160b of the OLT 10b is different from the processing unit 160 of the OLT 10 in the first embodiment in its configuration in the functional block diagram (FIG. 13 described later).

FIG. 13 is a functional block diagram of the processing unit in the OLT of the second embodiment. In FIG. 13, the processing unit 160b includes an authentication unit 1610b, a calculation unit 1620b, a storage unit 1630b, an authentication password generation unit 1650b, and a calculation password 1660b. In FIG. 13, the processing unit 160b includes the authentication password generation unit 1650b and the calculation password generation unit 1660b, and the information stored by the storage unit 1630b is different from the processing unit 160 of the OLT 10 in the first embodiment. In FIG. 13, the authentication unit 1610b, the calculation unit 1620b, the storage unit 1630b, the authentication password generation unit 1650b, and the calculation password 1660b are connected by a bus line 1640b.

The authentication unit 1610b and the calculation unit 1620b have the same functions as the authentication unit 1610 and the calculation unit 1620 included in the OLT 10 of the first embodiment shown in FIG.

The authentication password generation unit 1650b generates an authentication password according to the information indicating the authentication password generation rule received by the OLT 10b from the ONU 20b. The details of the authentication password generation rule will be described later.

The calculation password generation unit 1660b generates a calculation password according to a calculation password generation rule commonly held by the OLT 10b and the ONU 20b at the time of initial connection. The details of the calculation password generation rule will be described later.

The storage unit 1630b stores the MAC address of the ONU20b, the authentication password and the calculation password associated with the MAC address, and the calculation rule associated with the MAC address. The storage unit 1630b is different from the storage unit 1630 in the first embodiment in that the calculation password generation rule is stored. As shown in FIG. 13, the storage unit 1630b has a table 1631b (1631b-1 to 1631b-n) in which each of the authentication password, the calculation password, and the calculation password generation rule is associated with the MAC address for each ONU20b. n is an integer of 1 or more and equal to the number of ONU 20s in the optical communication system 1). The authentication password, the calculation password, and the calculation password generation rules stored for each ONU20b are common to the ONU20b having the corresponding MAC address.

The internal configuration of the OLT 10b in the second embodiment has been described above. Subsequently, the internal configuration of the ONU 20b in the second embodiment will be described.

(B-1-3) Internal configuration of ONU20b The internal configuration of ONU20b is the same as that of ONU20 according to the first embodiment shown in FIG. However, the processing unit 260b of the ONU 20b is different from the processing unit 260 of the OLT 10 in the first embodiment in its configuration in the functional block diagram (FIG. 14 described later).

FIG. 14 is a functional block diagram of the processing unit in the ONU of the second embodiment. In FIG. 14, the processing unit 260b includes a request unit 2610b, a calculation unit 2620b, a determination unit 2630b, an authentication password generation unit 2640b, a storage unit 2650b, and a calculation password generation unit 2670b. In FIG. 14, the processing unit 260b includes the calculation password generation unit 2670b, and the information stored in the storage unit 2650b is different from the processing unit 260 of the ONU 20 in the first embodiment. In FIG. 14, the request unit 2610b, the calculation unit 2620b, the determination unit 2630b, the authentication password generation unit 2640b, the storage unit 2650b, and the calculation password generation unit 2670b are connected by a bus line 2660b.

The request unit 2610b, the calculation unit 2620b, the determination unit 2630b, and the authentication password generation unit 2640b are the request unit 2610, the calculation unit 2620, the determination unit 2630, and the authentication password generation unit included in the ONU 20 of the first embodiment shown in FIG. It has the same function as 2640.

The storage unit 2650b stores the MAC address of the ONU20b, the authentication password and the calculation password associated with the MAC address, and the calculation rule associated with the MAC address. The storage unit 2650b is different from the storage unit 2650 in the first embodiment in that the calculation password generation rule is stored. As shown in FIG. 14, the storage unit 2650b holds a table 2651b in which the MAC address of the ONU20b itself, the authentication password, the calculation password, and the generation rules of the calculation password are recorded. The tables 1631b-1 to 1631b-n held by the storage unit 1630b of the OLT 10b also hold the same rules as the authentication password, the calculation password, and the calculation password generation rules stored in the storage unit 2650b of the ONU 20b. Will be done.

The calculation password generation unit 2670b generates a calculation password according to a calculation password generation rule commonly held by the OLT 10b and the ONU 20b at the time of initial connection. The details of the calculation password generation rule will be described later.

(B-2) Communication Sequence of Second Embodiment Subsequently, the operation in the optical communication system according to the second embodiment will be described in detail with reference to the drawings.

(B-2-1) Initial authentication between OLT and ONU in the second embodiment FIG. 15 shows a sequence diagram showing communication exchanges at the time of initial connection between OLT and ONU in the second embodiment, and OLT and It is a figure which shows the state of each storage part of ONU.

When the OLT 10b and the ONU 20b are connected for the first time, the storage unit 2650b of the ONU 20b holds its own MAC address "MAC1" and the authentication password "Local" in the first connection in the table 2651b, and does not hold the calculation password. (61b in FIG. 15). Further, the storage unit 1630b of the OLT 10b holds the MAC address "MAC1" of the ONU20b and the authentication password "Local" in the initial connection in the table 2651b corresponding to the MAC address "MAC1" of the ONU20b, and holds the calculation password. It shall not be (62b in FIG. 15). As in the first embodiment, for example, the person in charge of the line construction site stores the MAC address "MAC1" of the ONU20b in the OLT10b, and sets the authentication password "Local" in both the OLT10b and the ONU20b for the first connection. You may do it.

In the communication sequence shown in FIG. 15, each of S101b, S102b, S103b, and S104b is the same as S101, S102, S103, and S104 in the sequence diagram shown in FIG. Hereinafter, a portion that is a difference of FIG. 15 with respect to FIG. 6 will be described.

When the ONU20b receives the authentication permission notification from the OLT10b in S104b, the ONU20b notifies the OLT10b of the calculation password generation rule (S107b). For notification of the calculation password generation rule, for example, a plurality of hash functions (h1 [x] to hl "x") including a hash function h1 [x] are commonly held between ONU20b and OLT10b in advance. , ONU20b may notify the calculation password generation rule by transmitting the instruction to generate the calculation password to the OLT 10b by using the hash function h1 [x] in the notification of S107b. Further, in this instruction, it is preferable to specify a number or the like that identifies each of the plurality of hash functions. In S107b of FIG. 15, ONU20b transmits an instruction to generate an arithmetic password to OLT10b using the hash function h1 [x]. Here, the authentication permission notification received from the OLT 10 in S104b includes information at a designated time when the ONU 20b transmits a signal (frame) to the OLT 10b in S107b. Here, the value at the specified time is T1. The OLT 10b holds the designated time T1 transmitted to the ONU 20b, and the ONU 20b transmits S107b at the designated time T1.

The ONU20b generates the calculation password "B" by the calculation password generation unit 2670b according to the calculation password generation rule notified to the OLT10b (using the hash function h1 [x] among the plurality of hash functions). Here, ONU20b substitutes the value T1 of the specified time of signal transmission received from OLT10b in S104b into the hash function h1 [x] instructed to be used by OLT10b in S107b to obtain the calculation result h1 [T1]. Is the calculation password "B" (B = h1 [T1]).

Upon receiving the notification of the calculation password generation rule (using the hash function h1 [x] among the plurality of hash functions) from the ONU20b, the OLT 10b holds the calculation password generation rule in the storage unit 1630b. Further, the OLT 10b transmits a notification to the ONU 20b that the calculation password generation rule has been received (S108b). Here, the notification transmitted to the ONU 20b in S108b includes information at a designated time when the ONU 20b transmits a signal (frame) to the OLT 10b in S105b. Here, the value at the specified time is T2. The OLT 10b holds the designated time T2 transmitted to the ONU 20b, and the ONU 20b transmits the S105b at the designated time T2.

The ONU20b generates a new authentication password "A" by the authentication password generation unit 2640b. Further, the ONU 20b notifies the OLT 10b of the authentication password generation rule for generating the new authentication password “A” (S105b). For notification of the authentication password generation rule, for example, a plurality of hash functions (h1 [x] to hl "x") including a hash function h2 [x] are commonly held between ONU20b and OLT10b in advance. , ONU20b may notify the OLT10b of the new authentication password generation rule by transmitting an instruction to generate a new authentication password using the hash function h2 [x] in the notification of S105b. Here, ONU20b transmits an instruction to generate a new authentication password to OLT10b using the hash function h2 [x]. Then, the ONU20b substitutes the hash function h2 [x] for the value T2 of the designated time of signal transmission received from the OLT10b in S108b to obtain the calculation result h2 [T2], which is used as the new authentication password "A". (A = h2 [T2]).

The ONU 20b replaces the authentication password "Local" stored in the storage unit 2650b with the new authentication password "A", and holds the generated calculation password "B" as the calculation password (63b in FIG. 15). The process of replacing the authentication password stored in the storage unit 2650b and the process of holding the calculation password in the storage unit 2650b are executed by a control means (such as the CPU described above) included in the processing unit 260b (FIG. 4). To.

The OLT 10b generates the calculation password "B" by the calculation password generation unit 1660b according to the calculation password generation rule (using the hash function h1 [x] among a plurality of hash functions) notified from the ONU20b. To do. Here, the OLT 10b substitutes the value of the designated time T1 transmitted to the ONU 20b in S104b into the hash function h1 [x] to obtain the calculation result h1 [T1], and sets the calculation result as the calculation password "B" ( B = h1 [T1]). As described above, since the ONU20b substitutes the value of the specified time T1 received from the OLT10b into the hash function h1 [x] to generate the calculation password, the calculation password "B" generated by the OLT10b is generated by the ONU20b. It matches the generated calculation password "B". As a result, the OLT 10b and the ONU 20b can generate and retain a common calculation password.

Further, the OLT 10b is subjected to the new authentication password "A" by the authentication password generation unit 1650b in accordance with the authentication password generation rule (using the hash function h2 [x] among a plurality of hash functions) notified from the ONU20b. To generate. Here, the OLT 10b substitutes the value of the designated time T2 transmitted to the ONU 20b in S108b into the hash function h2 [x] to obtain the calculation result h2 [T2], and sets the calculation result as the calculation password "A" ( A = h2 [T2]). As described above, the ONU20b substitutes the value of the specified time T2 received from the OLT10b into the hash function h2 [x] to generate the new authentication password. Therefore, the new authentication password "A" generated by the OLT10b is It matches the new authentication password "A" generated by ONU20b. As a result, the OLT 10b and the ONU 20b can generate and retain a common new authentication password. Then, the OLT 10b replaces the authentication password "Local" stored in the storage unit 1630b with the new authentication password "A", and holds the generated calculation password "B" as the calculation password (64b in FIG. 15). .. The process of replacing the authentication password stored in the storage unit 1630b and the process of holding the calculation password in the storage unit 1630b are executed by a control means (such as the CPU described above) included in the processing unit 160b (FIG. 2). To. The OLT 10b notifies the ONU 20b that the change of the new authentication password and the calculation password has been completed (S106b).

When the ONU20b receives the notification from the OLT10b in S106b, the authentication sequence at the time of the first connection ends. In S106b and later, the OLT 10b allocates a band to the ONU 20b by the DBA function as in the conventional optical communication system, and the ONU 20b communicates according to the band and the transmission timing specified by the OLT 10b.

The ONU20b may transmit the authentication password generation rule and the calculation password generation rule by generating and transmitting a frame based on, for example, an extended OAM frame defined by IEEE802.3ah. .. Further, the rules for changing the calculation password in the OLT 10b and the ONU 20b, that is, in the second embodiment, the calculation password is generated and the generated calculation password is retained, so that the OLT 10 and the ONU 20 share in advance. You may do it. For example, a rule for changing the calculation password may be incorporated into the firmware of the OLT 10b and the ONU 20b according to the present embodiment at the manufacturing stage. Further, for example, in the communication at the time of the first connection between the OLT and the ONU shown in FIG. 15, the ONU20b may notify the OLT10b of the calculation password change rule at an arbitrary timing (for example, together with S105b).

(B-2-2) Authentication at the time of reconnection of OLT and ONU in the second embodiment Then, referring to FIG. 16, after the connection (communication link) between OLT 10b and ONU 20b is disconnected, OLT 10b and ONU 20b Authentication when and is reconnected will be described. FIG. 16 is a sequence diagram showing communication exchanges at the time of reconnection between the OLT and the ONU in the second embodiment, and a diagram showing the states of the storage units of the OLT and the ONU, respectively.

As shown in FIG. 15, after S106b at the time of the first connection in the second embodiment, the ONU 20b and the OLT 10b commonly hold the authentication password "A" and the calculation password "B" (FIG. 15). 63b, 64b). In FIG. 16, with the ONU20b and the OLT10b both holding the authentication password “A” and the calculation password “B”, a failure occurs in the OLT or the ONU itself, or in the communication section connecting the OLT and the ONU, and the ONU20b and the OLT10b The sequence when the connection with is disconnected and the ONU20b is reconnected to the same OLT10b as before the disconnection is shown.

In the communication sequence shown in FIG. 16, each of S201b, S202b, S203b, S204b, S205b, and S206b is the same as S201, S202, S203, S204, S205, and S206 in the sequence diagram shown in FIG. 7. Hereinafter, a portion that is a difference of FIG. 15 with respect to FIG. 6 will be described.

When the ONU20b receives the calculation result for the calculation function from the OLT 10b, the determination unit 2630b determines whether or not the calculation result received from the OLT 10b and the calculation result by the calculation unit 2620b of the ONU 20b match. The calculation password held by the ONU 20b in 71b of FIG. 16 is “B”, and the calculation password held by the OLT 10b in 72b of FIG. 16 is “B”. Therefore, since the calculation results of both ONU20b and OLT10b match, the determination unit 2630b determines that it is true. The calculation using the calculation function and the calculation password in the OLT 10b is performed in the same manner as in the first embodiment.

If the determination unit 2630b determines that the result is true, the ONU20b notifies the OLT10b of the authentication password generation rule (S207b), and the authentication password generation unit 2640b generates a new authentication password "C". Here, the ONU20b holds in advance a plurality of hash functions (h1 [x] to hl "x") including the hash function h3 [x] between the ONU20b and the OLT10b, as in the sequence at the time of the first connection. In the notification of S207b, ONU20b transmits an instruction to generate an authentication password to OLT10b using the hash function h3 [x]. Here, the calculation result response received from the OLT10b in S206b includes information at a designated time when the ONU20b transmits a signal (frame) to the OLT10b in S207b. Here, the value at the designated time is T3. The OLT 10b holds the designated time T3 transmitted to the ONU 20b, and the ONU 20b transmits the S207b at the designated time T3. Then, the ONU20b substitutes the hash function h3 [x] for the value T3 of the specified time of signal transmission received from the OLT10b in S206b to obtain the calculation result h3 [T3], and sets this as the new authentication password "C". (C = h3 [T3]).

Subsequently, the ONU20b is subjected to the calculation password generation unit 2670b according to the calculation password generation rule (using the hash function h1 [x] among the plurality of hash functions) held in common with the OLT10b in S107b of FIG. Generate a new calculation password "D". Here, the ONU20b substitutes the calculation password "B" for the hash function h1 [x], which is a function commonly held with the OLT10b, to obtain the calculation result h1 [B], and obtains the calculation result h1 [B], which is used as the new calculation password "D". (D = h1 [B]). As a rule for generating a password for calculation when the OLT10b and ONU20b are reconnected, an old password for calculation (“B” in 71b and 72b in FIG. 16) is substituted into the hash function h1 [x], and the calculation is performed. The ONU20b may notify the OLT10 that the result will be the password for the new calculation in S107b of the sequence at the time of the first connection between the OLT10b and the ONU20b shown in FIG.

The ONU20b replaces the authentication password "A" stored in the storage unit 2650b with the new authentication password "C", and replaces the calculation password "B" stored in the storage unit 2650b with the new calculation password "D". Replace (73b in FIG. 16). The old authentication password (“A” in 71b of FIG. 16) and the old calculation password (“B” in 71b of FIG. 16) are discarded.

The OLT 10b uses the authentication password generation unit 1650b to generate a new authentication password "C" in accordance with the authentication password generation rule (using the hash function h3 [x] among a plurality of hash functions) notified from the ONU 20b. Generate. Here, the OLT 10b substitutes the value of the specified time T3 transmitted to the ONU 20b in S206b into the hash function h3 [x] to obtain the calculation result h3 [T3], and sets the calculation result as the new authentication password "C". (C = h3 [T3]). As described above, the ONU20b generates a new authentication password by substituting the value of the specified time T3 specified from the OLT10b into the hash function h3 [x], so that the new authentication password "C" generated by the OLT10b is , Matches the new authentication password "C" generated by ONU20b. As a result, the OLT 10b and the ONU 20b can generate and retain a common new authentication password.

Subsequently, the OLT 10b is subjected to the calculation password generation unit 2670b according to the calculation password generation rule (using the hash function h1 [x] among the plurality of hash functions) held in common with the OLT 10b in S107b of FIG. Generate a new calculation password "D". Here, the OLT 10b substitutes the calculation password "B" for the hash function h1 [x], which is a function held in common with the ONU 20b, to obtain the calculation result h1 [B], and uses this as the new calculation password "D". (D = h1 [B]). As a rule for generating a password for calculation when the OLT 10b and ONU 20b are reconnected, an old password for calculation (“B” in 71b and 72b in FIG. 16) is substituted into the hash function h1 [x], and the password is generated. The OLT 10b may be notified by the ONU 20b that the calculation result is used as the password for the new calculation in S107b of the sequence at the time of the first connection between the OLT 10b and the ONU 20b shown in FIG. As a result, the OLT 10b and the ONU 20b can generate and retain a common new calculation password.

Then, the OLT 10b replaces the authentication password "A" stored in the storage unit 2650b with the new authentication password "C", and replaces the calculation password "B" stored in the storage unit 2650b with the new calculation password "D". (74b in FIG. 16). The old authentication password (“A” in 72b of FIG. 16) and the old calculation password (“B” in 72b of FIG. 16) are discarded. The OLT 10b notifies the ONU 20b that the change of the new authentication password and the new calculation password has been completed (S208b).

When the ONU20b receives the notification from the OLT10b at S208b, the authentication sequence at the time of reconnection ends. In S208b and later, the OLT 10b allocates a band to the ONU 20b by the DBA function as in the conventional optical communication system, and the ONU 20b communicates according to the band and the transmission timing specified by the OLT 10b.

(B-2-3) When the ONU and the unauthorized OLT are connected in the second embodiment The connection (communication link) between the OLT 10b and the ONU 20b is disconnected in the optical communication system 1b according to the second embodiment. After that, the sequence when the opposite device to be reconnected by the ONU 20b becomes an illegal OLT is the same as the sequence in the first embodiment shown in FIG.

For example, when the ONU20b reconnects to the OLT after the authentication sequence at the time of the initial authentication of the OLT10b and the ONU20b shown in FIG. 15 is completed and the ONU20b holds the authentication password "A" and the calculation password "B", the OLT10b When replaced with the fraudulent OLT80b, the ONU20b detects the fraudulent OLT80b according to the communication sequence of FIG. 9 as follows.

That is, the ONU20b makes an authentication request to the unauthorized OLT80b based on the authentication password "A" (S303 in FIG. 9). When the ONU20b receives the authentication permission notification from the invalid OLT80b, the ONU20b sends an arithmetic function and an arithmetic result response request to the unauthorized OLT80b (S305 in FIG. 9), and the ONU20b itself uses the arithmetic function and the arithmetic password "B". Performs an operation and retains the operation result. Since the invalid OLT80b does not know the valid calculation password, the illegal OLT80b responds to the ONU20b with an invalid calculation result. The ONU20b determines that the operation result of itself and the returned operation result do not match, and determines that the opposite device connected to the ONU20b itself is an invalid OLT80b (in other words, an illegal OLT is detected). (S307 in FIG. 9).

Even if the connection between the ONU 20b and the OLT 10b is disconnected again after the reconnection sequence between the ONU 20b and the OLT 10b shown in FIG. 16 is completed and the OLT 10b is replaced with the invalid OLT 80b at the time of reconnection, the ONU 20b detects the invalid OLT 80b. The sequence is the same as the communication sequence shown in FIG. 9 described above, except that the authentication password and the calculation password held by the ONU 20b are different.

(B-2-4) When the OLT and the unauthorized ONU are connected in the second embodiment The connection (communication link) between the OLT 10b and the ONU 20b is disconnected in the optical communication system 1 according to the second embodiment. After that, the sequence when the illegal ONU 20 tries to connect to the OLT 10 is the same as the sequence in the first embodiment shown in FIG.

For example, when the authentication sequence at the time of initial authentication of the OLT10b and the ONU20b shown in FIG. 15 is completed, and the unauthorized ONU tries to connect to the OLT10b after the OLT10b holds the authentication password "A" and the calculation password "B". , OLT10b detects an illegal ONU90b according to the communication sequence of FIG. 10 as follows.

That is, the fraudulent ONU90b makes an authentication request to the OLT10b based on the MAC address imitating the legitimate ONU20b and the fraudulent authentication password (S403 in FIG. 10). The OLT10b refers to the storage unit 1630b, and determines that the authentication password "A" stored in association with the MAC address received from the invalid OLT90b does not match the invalid authentication password received from the invalid OLT90b. .. Then, the OLT 10b does not send the authentication permission notification to the fraudulent OLT90b, and notifies the management device 60 that the opposite device connected to the OLT10b itself is determined to be the fraudulent ONU90b (in other words, the fraudulent ONU90b is detected) (FIG. 10). S404).

Even if the connection between the ONU 20b and the OLT 10b is disconnected again after the reconnection sequence between the ONU 20b and the OLT 10b shown in FIG. 16 is completed and the invalid OLT 90b tries to connect to the OLT 10b at the time of reconnection, the OLT 10b causes the illegal ONU 90b. The sequence to be detected is the same as the communication sequence shown in FIG. 10 described above, except that the authentication password held by the OLT 10b and the calculation password are different.

(B-3) Operation of the Second Embodiment Next, the operation flow of the ONU and the OLT for realizing the communication sequence of the second embodiment described above will be described with reference to the drawings.

(B-3-1) Operation Flow of ONU of the Second Embodiment FIG. 17 is a flowchart showing the operation flow of the ONU of the second embodiment. In the communication sequences shown in FIGS. 15, 16 and 9 described above, the operation of the ONU 20b is represented by the flowchart shown in FIG.

In the flowchart shown in FIG. 17, S501b, S502b, S503b, S504b, S505b, S506b, S507b, S508b, S511b, respectively, are S501, S502, S503, S504, S505, S506, S507, S508, respectively. It is the same as S511. Hereinafter, the differences S509b, S510b, S512b, and S513b of FIG. 17 with respect to FIG. 11 will be described.

The ONU20b determines in S508 whether or not the operation result received from the OLT10b matches the operation result by the ONU20b itself, and if this determination result is affirmative, a new authentication password and a new operation password are generated. (S509b). The new authentication password is generated by the authentication password generation unit 2640b (FIG. 14), and the new calculation password is generated by the operation password generation unit 2670b (FIG. 14). Here, the new authentication password and the new calculation password generated in S509 after the determination in S508b correspond to the authentication password “C” and the calculation password “D” in 73b of FIG. 16, respectively. When the determination is denied in S504b and the process proceeds to S509b, the new authentication password and the new calculation password generated in S509b are the authentication password "A" and the calculation password "B" in 63b of FIG. 15, respectively. Corresponds to.

The ONU20b notifies the OLT10b of the authentication password generation rule in order to generate the new authentication password. Further, the ONU 20b updates the storage unit 2650b, replaces the authentication password with the new authentication password, and replaces the calculation password with the new calculation password (S510b). The notification of the authentication password generation rule in S510b corresponds to S105b in FIG. 15 and S207b in FIG. The update of the storage unit 2650b performed via S508b and S509b corresponds to holding the authentication password "C" and the calculation password "D" in 73b of FIG. Further, the determination is denied in S504b, the process proceeds to S509b, and then the update of the storage unit 2650b performed in S510b means that the authentication password "A" and the calculation password "B" are retained in 63b of FIG. Equivalent to. When the processing of S510b is completed, the operation of ONU20b shown in FIG. 17 is completed.

If the determination is negative in S504b, the ONU20b notifies the OLT10b of the calculation password generation rule (S512b). The determination of S504b is denied indicates a state in which the storage unit 2650b does not hold the calculation password, which corresponds to the state at the time of initial authentication as shown in FIG. The notification of the calculation password generation rule in S512b corresponds to S107b in FIG. After S512b, the ONU20b receives a notification of receipt of the calculation password generation rule from the OLT10b. After the processing of S513b, the processing of S509b and S510b described above is performed.

(B-3-2) Operation Flow of OLT of the Second Embodiment FIG. 18 is a flowchart showing the operation flow of the OLT of the second embodiment. In the communication sequences shown in FIGS. 15, 16 and 10 described above, the operation of the OLT 10b is represented by the flowchart shown in FIG.

In the flowchart shown in FIG. 18, S601b, S602b, S603b, S604b, S605b, S606b, and S610b are the same as S601, S602, S603, S604, S605, S606, and S610 in the flowchart shown in FIG. Hereinafter, S607b, S608b, S609b, S611b, and S612b, which are the differences of FIG. 18 with respect to FIG. 12, will be described.

The OLT 10b determines whether or not the authentication password generation rule has been received from the ONU 20b after the calculation result is transmitted to the ONU 20b in S606b (S607b). When the authentication password generation rule is received, the process proceeds to S608b. If the authentication password generation rule is not received, the process waits until the authentication password is received, and if the authentication password is received from the ONU20b, the process proceeds to S608b.

When the OLT 10b receives the authentication password generation rule from the ONU 20b in S607b, the OLT 10b generates a new authentication password and a new calculation password (S608b). The new authentication password is generated by the authentication password generation unit 1650b (FIG. 13), and the new calculation password is generated by the operation password generation unit 1660b (FIG. 13). Here, the new authentication password and the new calculation password generated in S608b after the determination in S605b is affirmed correspond to the authentication password “C” and the calculation password “D” in 74b of FIG. 16, respectively. .. The new authentication password and the new calculation password generated in S608b after the determination in S605b is denied correspond to the authentication password "A" and the calculation password "B" in 64b of FIG. 15, respectively.

The OLT 10b updates the storage unit 1630b, replaces the authentication password with the new authentication password, and replaces the calculation password with the new calculation password. When the OLT 10b finishes updating the storage unit 1630b, the OLT 10b notifies the ONU 20b of the completion of the change of the authentication password and the calculation password (S609b). The notification of S609b corresponds to S106b of FIG. 15 and S208b of FIG. In the update of the storage unit 1630b performed in S609b after the determination of S605b is affirmed, the authentication password "C" is retained and the calculation password "D" is retained in 74b of FIG. Equivalent to. Further, the update of the storage unit 1630b performed in S609b after the determination of S605b is denied corresponds to the authentication password "A" being retained and the calculation password "B" being retained in 64b of FIG. To do. When the processing of S609b is completed, the operation of the OLT 10b shown in FIG. 18 is completed.

If the OLT 10b does not receive the calculation function from the ONU 20b and the determination of S605b is denied, the OLT 10b determines whether or not the calculation password generation rule has been received from the ONU 20b (S611b). If the calculation password generation rule is received, the process proceeds to S612b. If the calculation password generation rule is not received, the process waits until the calculation password is received, and if the calculation password is received from the ONU20b, the process proceeds to S612b. Next, the OLT 10b notifies the ONU 20b that it has received the calculation password generation rule (S612b). The notification of S612b corresponds to S108b of FIG. After the notification of S612b, the process proceeds to S607b. The case where the OLT 10b does not receive the arithmetic function from the ONU 20b in S605b corresponds to the sequence at the time of the first connection shown in FIG. Further, when the OLT10b receives the calculation password generation rule from the ONU20b in S605b and the determination of S611b is affirmed, the calculation password generation rule is notified from the ONU20b to the OLT10b in S107b of FIG. Corresponds to.

In FIG. 18, after the OLT10b sends an authentication permission notification to the ONU20b in S604b, the operation password generation rule is not received from the ONU20b within a certain period of time in S611b (in other words, the operation function and the operation result response). If neither the request nor the calculation password generation rule is received), the process may proceed to S610b. Further, after the OLT10b notifies the ONU20b of the calculation result in S606b, if the authentication password generation rule is not received from the ONU20b within a certain time in S607b, the process may proceed to S610b.

As described above, the ONU 20b operates based on the flowchart shown in FIG. 17, and the OLT 10b operates based on the flowchart shown in FIG. 18, whereby between the ONU and the OLT shown in FIGS. 15, 16, 9, and 10. A communication sequence is realized.

(B-4) Effect of Second Embodiment According to the second embodiment described above, the same effect as that of the first embodiment can be obtained. That is, if the OLT10b and the ONU20b are reconnected after the connection (communication link) between the OLT10b and the ONU20b is disconnected, the ONU20b is authenticated by the OLT10b, and the validity of the OLT10b is further confirmed by the ONU20b. Therefore, even if the counter device to be reconnected by the ONU 20b is replaced with the illegal OLT 80b, the ONU 20b can determine that the counter device connected to the ONU 20b itself is the illegal OLT 80b. Therefore, it is possible to prevent the information transmitted by the ONU 20b from leaking to the unauthorized OLT 80b.

Further, according to the second embodiment, when updating the authentication password and the calculation password held by both the ONU20b and the OLT10b, the ONU20b sets the new authentication password generation rule and the new calculation password generation rule to the OLT10b. Upon notification, ONU20b and OLT10b generate a new authentication password and a new calculation password inside their own device according to the password generation rule. This makes it difficult for a third party to steal the password held by the OLT 10b and the ONU 20b, and can improve the security of the optical communication system 1b.

For example, in the initial connection sequence of OLT10b and ONU20b shown in FIG. 15, the authentication password "A" (63b, 64b in FIG. 15) is generated inside ONU20b and OLT10b, so that a third party can use the authentication password "A". Cannot be stolen by means such as interception of communications. This also applies to the calculation password “B” (63b, 64b in FIG. 15). Alternatively, the authentication password "C" and the calculation password "D" shown in 73b and 74b of FIG. 16 are also generated inside the ONU20b and the OLT10b, so that a third party can steal these calculation passwords. Can not. Therefore, it is possible to prevent a third party from connecting the fraudulent OLT or fraudulent ONU as described above to the optical communication system 1b.

(C) Other Embodiments The present invention is not limited to the above embodiments, and embodiments as exemplified below can also be mentioned.

In the first embodiment and the second embodiment, when the connection (communication link) between the OLT and the ONU is disconnected once and then the OLT and the ONU are reconnected (when the communication link is restored), the ONU Confirms the validity of the OLT. Then, every time the confirmation by the ONU at the time of reconnection is successful, the authentication password and the calculation password are updated. As described above, the first embodiment and the second embodiment assume that an invalid OLT appears on the optical communication system at the time of reconnection after the connection between the OLT and the ONU is once disconnected. For example, it is assumed that the legitimate OLT is modified by a malicious program, and the OLT20 or the OLT20b is replaced by the malicious OLT80 without disconnecting the connection between the OLT and the ONU.

Therefore, for both the first embodiment and the second embodiment, regardless of whether or not the connection (communication link) between the OLT and the ONU is disconnected after the initial authentication between the OLT and the ONU is completed. The ONU may periodically request authentication from the OLT so that the ONU periodically confirms the validity of the OLT.

In the first embodiment, it is as follows. That is, as an internal configuration of the ONU 20, a timer unit (not shown) is provided in the processing unit 260 of the ONU 20 shown in FIG. 5, and the timer unit is constant after a certain authentication sequence (for example, the authentication sequence at the time of initial connection) is completed. Measure the time. The ONU 20 sends an authentication request to the OLT 10 every time the timer unit finishes measuring a certain period of time, and the ONU 20 periodically confirms the validity of the OLT 10.

This will be described with reference to FIGS. 6 and 7. The ONU 20 activates the timer unit at the end of S106 in FIG. 6 to start the measurement for a certain period of time. Then, when a certain time elapses in the timer unit, the ONU 20 transmits an authentication request to the OLT 10 regardless of whether or not the connection between the OLT and the ONU is disconnected during the elapse of the certain time (FIG. 7). S203). Then, by performing the sequence from S203 to S208 in FIG. 7, the ONU 20 re-authenticates the OLT 10, and the authentication password and the calculation password held by the ONU 20 and the OLT 10 are updated.

The ONU 20 restarts the timer unit at the end of S208 in FIG. 7 and starts measurement for a certain period of time. After that, if a certain time elapses in the timer unit, the ONU 20 is connected to the OLT 10 from S203 to S208 in FIG. 7 regardless of whether or not the connection between the OLT and the ONU is disconnected during the elapse of the certain time. Repeat the sequence of.

The same applies to the second embodiment, as follows. That is, as an internal configuration of the ONU 20b, a timer unit (not shown) is provided in the processing unit 260b of the ONU 20b shown in FIG. 14, and the timer unit is constant after a certain authentication sequence (for example, the authentication sequence at the time of initial connection) is completed. Measure the time. The ONU20b sends an authentication request to the OLT10b every time the timer unit finishes measuring a certain period of time, and the ONU20b periodically confirms the validity of the OLT10b.

This will be described with reference to FIGS. 15 and 16. The ONU 20b activates the timer unit at the end of S106b in FIG. 15 and starts the measurement for a certain period of time. Then, when a certain time elapses in the timer unit, the ONU 20b transmits an authentication request to the OLT 10b regardless of whether or not the connection between the OLT and the ONU is disconnected during the elapse of the certain time (FIG. 16). S203b). Then, by performing the sequence from S203b to S208b in FIG. 16, the ONU20b re-authenticates the OLT10b, and the authentication password and the calculation password held by the ONU20b and the OLT10b are updated.

The ONU 20b restarts the timer unit at the end of S208b in FIG. 16 to start the measurement for a certain period of time. After that, if a certain time elapses in the timer unit, the ONU 20b is connected to the OLT 10b in FIG. 16 regardless of whether the connection (communication link) between the OLT and the ONU is disconnected during the elapse of the certain time. The sequence from S203b to S208b is repeated.

As a result, even if the legitimate OLT is modified by a malicious program, for example, and the malicious OLT appears in the optical communication system without disconnecting the connection (communication link) between the OLT and the ONU, the ONU is sent to the ONU itself. It is possible to determine that the connected opposite device is an illegal OLT (in other words, to detect an illegal OLT).

1 ... Optical communication system 10 ... OLT
20 ... ONU
30 ... Optical splitter 40 ... Optical fiber trunk line 50 ... Optical fiber branch line 60 ... Management device 70 ... User terminal 100 ... Upper network 110 ... Optical receiver 120 ... Reception processing unit 130 ... NNI
140 ... Transmission processing unit 150 ... Optical transmission unit 160 ... Processing unit 170 ... External IF
1610 ... Authentication unit 1620 ... Calculation unit 1630 ... Storage unit 1631 ... Table (OLT side)
1640 ... Bus line 210 ... Optical receiver 220 ... Reception processing unit 230 ... UNI
240 ... Transmission processing unit 250 ... Optical transmission unit 260 ... Processing unit 2610 ... Request unit 2620 ... Calculation unit 2630 ... Judgment unit 2640 ... Authentication password generation unit 2650 ... Storage unit 2651 ... Table (ONU side)
2660 ... Bus line 80 ... Illegal OLT
41 ... Optical fiber 90 ... Illegal ONU
1631b ... Table (OLT side)
1660b ... Password generation unit for calculation 2651b ... Table (ONU side)
2670b ... Password generator for calculation

Claims (14)

It is a subscriber-side termination device that can communicate with the station-side termination device.
An authentication password common to the station-side terminating device that enables the station-side terminating device to authenticate the subscriber-side terminating device, and the subscriber-side terminating device determines the validity of the station-side terminating device. It defines a calculation password common to the station-side terminal device used for the operation, a function to be used for causing the station-side terminal device to perform an operation, and a process of changing the calculation password by the subscriber-side terminal device. A storage unit that stores change rules that are common to the station-side termination device,
Requesting unit sends said authentication password to the station side terminating device transmits further with the function, operation password for the station side terminating device stores assignment been the arithmetic result response request and the said function When,
A calculation unit that performs a calculation by substituting the calculation password stored in the storage unit into the function.
A determination unit that compares the calculation result for the response request received from the station-side termination device with the calculation result by the calculation unit, and outputs determination information when the station-side termination device is determined to be valid.
A first generation unit in which the determination information is input from the determination unit and a new authentication password different from the authentication password is generated.
The new authentication password is input from the first generation unit, the value of the authentication password is changed to the value of the new authentication password, and the first information related to the new authentication password is terminated on the station side. A processing unit that changes the value of the calculation password by transmitting to the device and performing the change processing specified in the change rule.
A subscriber-side termination device characterized by having. The change rule of the calculation password defines a process of changing the value of the calculation password to the value of the authentication password immediately before being changed to the value of the new authentication password.
The subscriber-side termination according to claim 1, wherein the processing unit changes the value of the calculation password to the value of the authentication password immediately before being changed to the value of the new authentication password. apparatus. The change rule of the calculation password defines a process of changing the value of the calculation password to the value of the newly generated new calculation password.
The processing unit previously transmits the second information indicating the new calculation password generation rule to the station-side terminal device, and then transmits the second information.
It further has a second generation unit in which the determination information is input from the determination unit and the new calculation password is generated according to the second information.
The subscription according to claim 1, wherein the processing unit receives the new calculation password from the second generation unit and changes the value of the calculation password to the value of the new calculation password. Person side termination device. The determination unit compares the calculation result for the response request received from the station-side termination device with the calculation result by the calculation unit, and if both calculation results do not match, the determination unit determines that the station-side termination device is invalid. And
The invention according to any one of claims 1 to 3 , wherein the processing unit notifies the terminal device connected to the subscriber-side terminal device that the station-side terminal device has been determined to be unreasonable. Subscriber side termination device Said request unit, the subscriber side terminating device at the time of recovery the communication link after a communication link is disconnected between the said station side terminating device, and transmits the pre-Symbol response request to the station side terminating device, wherein The determination unit compares the calculation result for the response request received from the station-side termination device with the calculation result by the calculation unit, and determines the validity of the station-side termination device at the time of restoration of the communication link. The subscriber-side termination device according to any one of claims 1 to 4. Said request unit transmits the pre-Symbol response request to the station side terminating device at predetermined intervals,
The calculation unit performs a calculation by substituting the calculation password stored in the storage unit into the function at each predetermined cycle.
The determination unit compares the calculation result with respect to the response request of each of the predetermined period received from the station-side termination apparatus, an arithmetic result by the arithmetic unit of the predetermined every period, said predetermined per cycle The subscriber-side termination device according to any one of claims 1 to 4 , wherein the validity of the station-side termination device is determined. A station-side termination device that can communicate with the subscriber-side termination device.
An authentication password common to the subscriber-side termination device used by the station-side termination device to authenticate the subscriber-side termination device, and the subscriber-side termination device determining the validity of the station-side termination device. Storage that stores the calculation password common to the subscriber-side termination device and the change rule common to the subscriber-side termination device that defines the change processing of the calculation password by the station-side termination device. Department and
The authentication password received from the subscriber-side terminal device is compared with the authentication password stored in the storage unit, and if both authentication passwords match, the authentication unit that authenticates the subscriber-side terminal device and the authentication unit. ,
A function for the station-side termination device to perform an operation from the subscriber-side termination device and a response request for the result of the calculation in which the calculation password is assigned to the function are input, and the function is used for the calculation. An arithmetic unit that performs operations by substituting a password,
A transmission unit that transmits the calculation result by the calculation unit to the subscriber side termination device, and a transmission unit.
The first information related to the new authentication password different from the authentication password is input from the subscriber side termination device, the value of the authentication password is changed to the value of the new authentication password, and the change rule A processing unit that performs the specified change processing to change the value of the calculation password, and
A station-side termination device characterized by having. The change rule of the calculation password defines a process of changing the value of the calculation password to the value of the authentication password immediately before being changed to the value of the new authentication password.
The processing unit changes the value of the authentication password to the value of the new authentication password included in the first information, and changes the value of the calculation password to the value of the new authentication password. The station-side termination device according to claim 7 , wherein the value is changed to the value of the authentication password immediately before the password is changed. The change rule of the calculation password defines a process of changing the value of the calculation password to the value of the newly generated new calculation password.
The first information includes the new authentication password generation rule.
The processing unit receives the second information indicating the generation rule of the new calculation password from the subscriber side termination device, and receives the second information.
A first generation unit in which the first information is input and a new authentication password is generated according to the generation rule of the new authentication password included in the first information.
Further having a second generation unit in which the second information is input and a new calculation password is generated according to the second information.
The processing unit changes the value of the authentication password to the value of the new authentication password generated by the first generation unit, and the value of the calculation password is generated by the second generation unit. The station-side termination device according to claim 7 , wherein the value is changed to the value of the new calculation password. The authentication unit compares the authentication password received from the subscriber-side terminal device with the authentication password stored in the storage unit, and if both do not match, the subscriber-side terminal device should be authenticated. Any of claims 7 to 9 , wherein it is determined that the device is not, and the management device connected to the station-side terminal device is notified that the subscriber-side terminal device should not be authenticated. The station-side termination device according to paragraph 1. A communication system including the subscriber-side termination device according to claim 1 and the station-side termination device according to claim 7. The communication system according to claim 11 , wherein the subscriber-side termination device and the station-side termination device are connected by an optical fiber and communicate with each other using an optical signal. A computer with a subscriber-side termination device that can communicate with the station-side termination device,
An authentication password common to the station-side terminating device that enables the station-side terminating device to authenticate the subscriber-side terminating device, and the subscriber-side terminating device determines the validity of the station-side terminating device. It defines a calculation password common to the station-side terminal device used for the operation, a function to be used for causing the station-side terminal device to perform an operation, and a process of changing the calculation password by the subscriber-side terminal device. A storage unit that stores change rules common to the station-side termination device,
A request unit that transmits the authentication password to the station-side termination device, and further transmits the function and a response request for the result of the calculation in which the calculation password stored in the station-side termination device is assigned to the function. ,
A calculation unit that performs a calculation by substituting the calculation password stored in the storage unit into the function.
The calculation result for the response request received from the station-side termination device is compared with the calculation result by the calculation unit, and if both calculation results match, the station-side termination device is determined to be valid and the determination information is obtained. Judgment unit to output,
A first generation unit, in which the determination information is input from the determination unit and a new authentication password different from the authentication password is generated.
The new authentication password is input from the first generation unit, the value of the authentication password is changed to the value of the new authentication password, and the first information related to the new authentication password is terminated on the station side. A processing unit that changes the value of the calculation password by transmitting to the device and performing the change processing specified in the change rule.
A program of a subscriber-side termination device, characterized in that it functions as. A computer with a station-side termination device that can communicate with the subscriber-side termination device,
An authentication password common to the subscriber-side termination device used by the station-side termination device to authenticate the subscriber-side termination device, and the subscriber-side termination device determining the validity of the station-side termination device. Storage that stores the calculation password common to the subscriber-side termination device and the change rule common to the subscriber-side termination device that defines the change processing of the calculation password by the station-side termination device. Department,
An authentication unit that compares the authentication password received from the subscriber-side terminal device with the authentication password stored in the storage unit, and authenticates the subscriber-side terminal device if both authentication passwords match.
A function for the station-side termination device to perform an operation from the subscriber-side termination device and a response request for the result of the calculation in which the calculation password is assigned to the function are input, and the function is used for the calculation. An arithmetic unit that performs operations by substituting a password,
A transmission unit that transmits the calculation result of the calculation unit to the subscriber-side termination device,
The first information related to the new authentication password different from the authentication password is input from the subscriber side termination device, the value of the authentication password is changed to the value of the new authentication password, and the change rule A processing unit that changes the value of the calculation password by performing the specified change processing.
A program of a station-side termination device characterized by functioning as.

Images