Abstract

We discuss in detail all major security-related issues inherently present in PON systems. Ethernet PON (EPON) type networks have very specific requirements for data- and system-level security, due to combining - for the first time using Ethernet links - residential and business customers with different security awareness levels and protection demands. Various types of potential network structure targeted attacks are elaborated, starting from simple passive monitoring, through flavors of denial of service (DoS), towards masquerading and theft of service (ToS), presenting a complete and detailed image of security threats in EPONs. Authentication and security mechanisms, as well as their shortcomings, are also briefly examined.