公开(公告)号：US20060129814A1

公开(公告)日：2006-06-15

申请号：US11119246

申请日：2005-04-29

申请人： Jee Eun ,  Tae Yoo ,  Yool Kwon ,  Kyeong Han

发明人： Jee Eun ,  Tae Yoo ,  Yool Kwon ,  Kyeong Han

IPC分类号： H04L9/00

CPC分类号： H04L63/08 ,  H04L9/3236 ,  H04Q11/0067 ,  H04Q2011/0088

摘要： An authentication method for link protection between an OLT and an ONU newly connected thereto in an EPON, which is implemented in a data link layer to which cryptography is applied. First, an authentication key is distributed to both the OLT and an ONU. The OLT (or ONU) generates first and second random values, generates an authentication request frame containing the random values, and transmits it to the ONU (or OLT). The ONU generates a first hash value according to a hash function using the random values contained in the request frame, and transmits an authentication response frame containing the first hash value to the OLT. The OLT compares the first hash value with a second hash value calculated by it according to the has function using the two random values and an authentication key distributed to it, and transmits an authentication result frame to the ONU.

摘要翻译： 在EPON中与OLT新连接的ONU之间的链路保护的认证方法，其实现在应用了密码术的数据链路层中。 首先，向OLT和ONU分配认证密钥。 OLT（或ONU）生成第一和第二随机值，生成包含随机值的认证请求帧，并发送给ONU（或OLT）。 ONU使用包含在请求帧中的随机值根据散列函数生成第一散列值，并向OLT发送包含第一散列值的认证响应帧。 OLT根据具有两个随机值的功能和分配给它的认证密钥，将第一哈希值与其计算出的第二哈希值进行比较，并将认证结果帧发送给ONU。

公开(公告)号：US20070133791A1

公开(公告)日：2007-06-14

申请号：US11634995

申请日：2006-12-07

申请人： Kyeong Han ,  Jee Eun ,  Yool Kwon

发明人： Kyeong Han ,  Jee Eun ,  Yool Kwon

IPC分类号： H04L9/00

CPC分类号： H04L9/12 ,  H04L63/068 ,  H04L63/164

摘要： A method for controlling a security channel for reducing system load by extending the use period of a security association key is provided. In this method, an upper bit initial value of an initialization vector of an encryption algorithm and a using range thereof are shared between a transmitting side and a receiving side when a security channel is created. Then, a secure association is created between a transmitting side and a receiving side by setting an association number, a next packet number which is a lower bit value of an initialization vector, and a secure association key. Afterward, a packet number is modified whenever a frame is transmitted until all of packet numbers are used. When all packet numbers are used, the upper bit value of the initialization vector changes.

摘要翻译： 提供了一种通过扩展安全关联密钥的使用周期来控制用于减少系统负载的安全信道的方法。 在该方法中，当创建安全信道时，在发送侧和接收侧之间共享加密算法的初始化向量的高位初始值及其使用范围。 然后，通过设置关联号码，作为初始化向量的较低位值的下一个分组号码和安全关联密钥，在发送侧和接收侧之间建立安全关联。 之后，每当发送帧直到使用所有分组号时，分组号被修改。 当使用所有分组号时，初始化向量的高位值变化。

公开(公告)号：US20060126835A1

公开(公告)日：2006-06-15

申请号：US11116675

申请日：2005-04-27

申请人： Kwang Kim ,  Kyeong Han ,  Tae Yoo ,  Yool Kwon

发明人： Kwang Kim ,  Kyeong Han ,  Tae Yoo ,  Yool Kwon

IPC分类号： H04L9/00

CPC分类号： H04L9/0637 ,  H04L9/3242 ,  H04L2209/125

摘要： A high-speed Galois Counter Mode-Advanced Encryption Standard (GCM-AES) block cipher apparatus and method is provided. The apparatus can operate at a low clock frequency of 125 MHz and provide a 2 Gbps link encryption function in an Optical Line Termination (OLT) and an Optical Network Unit (ONU) of an Ethernet Passive Optical Network (EPON). 11-round block cipher of 128-bit input data is implemented using an 8-round Counter-AES (CTR-AES) block cipher module and a 3-round CTR-AES block cipher module, so that it is possible to provide a 1 Gbps link security function for an input frequency of 62.5 MHz and a 2 Gbps link security function for an input frequency of 125 MHz.

摘要翻译： 提供了高速Galois计数器模式 - 高级加密标准（GCM-AES）块密码设备和方法。 该装置可以在125MHz的低时钟频率下工作，并在以太网无源光网络（EPON）的光线路终端（OLT）和光网络单元（ONU）中提供2 Gbps链路加密功能。 使用8-round Counter-AES（CTR-AES）块加密模块和3轮CTR-AES块加密模块来实现128位输入数据的11路分组密码，使得可以提供1 输入频率为62.5 MHz的Gbps链路安全功能和125 MHz输入频率的2 Gbps链路安全功能。

公开(公告)号：US20060129491A1

公开(公告)日：2006-06-15

申请号：US11138204

申请日：2005-05-25

申请人： Jee Eun ,  Yool Kwon

发明人： Jee Eun ,  Yool Kwon

IPC分类号： H04L9/00

CPC分类号： H04L63/0428

摘要： The present invention provides a method for detecting a security module for link protection in an EPON, wherein an OLT and an ONU in the EPON can check whether or not an encryption module is present in each other and check the configuration of each other in order to avoid loss of a message when the message is encrypted for link protection between the OLT and the ONU in the EPON.

公开(公告)号：US20070019957A1

公开(公告)日：2007-01-25

申请号：US11488868

申请日：2006-07-18

申请人： Chan Kim ,  Tae Yoo ,  Yool Kwon ,  Bong-Tae Kim

发明人： Chan Kim ,  Tae Yoo ,  Yool Kwon ,  Bong-Tae Kim

IPC分类号： H04J14/00

CPC分类号： H04Q11/0067 ,  H04Q11/0066 ,  H04Q2011/0064 ,  H04Q2011/0086 ,  H04Q2011/0088

摘要： The invention provides a method and apparatus for allocating a dynamic band width of an EPON and an EPON master apparatus using the same. The bandwidth allocation is cycle based where every predetermined cycle, static gates are generated for all ONUs and dynamic gates are generated according to the reports using the remaining grant resource. The method for allocating an upstream bandwidth to transmit data from the ONUs to an OLT is as follows. A total allocatable grant length is calculated for the given cycle. A requested amount of grant length needed to transmit upstream data in each ONU is set based on report values collected from the report frames from all ONUs in the EPON. Then, distribution is made sequentially and repeatedly in a cycle by taking a basic unit from the total grant length and adding it to the grant length of the ONUs until the total allocatable grant length becomes 0 or the grant length allocated to all ONUs satisfy the requested amount of the grant length set in all ONUs.

摘要翻译： 本发明提供了一种用于分配EPON的动态带宽和使用其的EPON主设备的方法和装置。 带宽分配是基于周期的，其中针对所有ONU生成每个预定周期的静态门，并且根据使用剩余授权资源的报告生成动态门。 用于分配上行带宽以从ONU向OLT发送数据的方法如下。 计算给定周期的总可分配授权长度。 根据从EPON中所有ONU的报告帧收集的报告值，设置在每个ONU中发送上行数据所需的所需授权长度。 然后，通过从总授权长度中取一个基本单元并将其添加到ONU的授权长度，直到总可分配授权长度变为0或分配给所有ONU的授权长度满足所请求的 在所有ONU中设置的授权长度的数量。

公开(公告)号：US20070133549A1

公开(公告)日：2007-06-14

申请号：US11635774

申请日：2006-12-07

申请人： Hoon Lee ,  Tae Yoo ,  Jung Kim ,  Yool Kwon ,  Bong Kim

发明人： Hoon Lee ,  Tae Yoo ,  Jung Kim ,  Yool Kwon ,  Bong Kim

IPC分类号： H04L12/56

CPC分类号： H04L47/10 ,  H04L12/4645 ,  H04L12/66 ,  H04L47/20 ,  H04L61/103 ,  H04L61/6022

摘要： An apparatus and method for managing traffic using a VID in EPON are provided. The apparatus includes a MAC lookup table, a service classification policy table, a service control policy table, a MAC lookup unit, a first and second classification module, a VID learning unit and a first and second service control module. The apparatus classifies all packets of up/downlink transmission flow using a VID into a VID unit, through the first and second classification modules and manages traffic thereof according to the parameters thereof through the first and second service control modules. Accordingly, a large amount of traffic for numerous subscribers and services thereof, which was cannot be processed by the limitation on embodying a typical switch or router, can be processed according to the present invention.

摘要翻译： 提供了一种用于使用EPON中的VID来管理业务的装置和方法。 该装置包括MAC查找表，服务分类策略表，服务控制策略表，MAC查找单元，第一和第二分类模块，VID学习单元和第一和第二服务控制模块。 该装置通过第一和第二分类模块，使用VID将上行/下行链路传输流的所有数据包分类为VID单元，并通过第一和第二服务控制模块根据其参数来管理其流量。 因此，根据本发明，可以处理不能通过实施典型交换机或路由器的限制来处理大量用户和其服务的大量业务。

公开(公告)号：US20060126683A1

公开(公告)日：2006-06-15

申请号：US11139106

申请日：2005-05-27

申请人： Ho Kang ,  Sang Chai ,  Hyun Choi ,  Tae Yoo ,  Yool Kwon ,  Bong Kim

发明人： Ho Kang ,  Sang Chai ,  Hyun Choi ,  Tae Yoo ,  Yool Kwon ,  Bong Kim

IPC分类号： H01S3/00

CPC分类号： H04B10/564 ,  H01S5/042 ,  H01S5/0427 ,  H01S5/0683 ,  H01S5/06832 ,  H04B10/504

摘要： Disclosed herein is an optical transmitter having an analog/digital mixed-mode temperature compensation function. The optical transmitter, when detecting the optical output power of a laser diode, which outputs logic levels “1” and “0” as optical signals, through a monitoring photodiode, and controlling the bias current of a laser drive circuit to maintain the logic levels “1” and “0” at constant values, includes programs for controlling the bias current and modulation current of the laser drive circuit based on an variation in temperature, and is configured such that a temperature compensation circuit includes a digital control unit for controlling the bias current and modulation current of the laser drive circuit using the programs, so that temperature compensation operation can be adjusted only by the modification of the programs of the distal control unit.

摘要翻译： 这里公开了具有模拟/数字混合模式温度补偿功能的光发射机。 当光检测器通过监控光电二极管检测输出逻辑电平“1”和“0”的激光二极管的光输出功率，并控制激光驱动电路的偏置电流以维持逻辑电平 包括恒定值的“1”和“0”包括基于温度变化来控制激光驱动电路的偏置电流和调制电流的程序，并且被配置为使得温度补偿电路包括用于控制 使用该程序的激光驱动电路的偏置电流和调制电流，使得仅通过对远端控制单元的程序的修改才能调整温度补偿操作。

公开(公告)号：US20110145115A1

公开(公告)日：2011-06-16

申请号：US12902688

申请日：2010-10-12

申请人： Eun-Joo KIM ,  Yool Kwon ,  Young-Boo Kim

发明人： Eun-Joo KIM ,  Yool Kwon ,  Young-Boo Kim

IPC分类号： G06Q30/00

CPC分类号： G06Q30/04

摘要： Provided is a customized billing method for content service. A content service billing method in a billing management server for charging a fee for use of content service provided to a user via a communication network includes collecting billing information for calculating a content service use fee for a user from a network switch and a policy control server, and calculating the content service use fee using the collected billing information. Accordingly, customized billing considering communication network performance, service quality, and content properties is feasible.

摘要翻译： 提供了一种用于内容服务的定制计费方法。 计费管理服务器中的用于通过通信网络向用户收取使用费用的内容服务计费方法包括从网络交换机和策略控制服务器收集用于计算用户的内容服务使用费用的计费信息 ，并使用所收集的计费信息计算内容服务使用费。 因此，考虑到通信网络性能，服务质量和内容属性的定制计费是可行的。

公开(公告)号：US07724899B2

公开(公告)日：2010-05-25

申请号：US11634995

申请日：2006-12-07

申请人： Kyeong Soo Han ,  Jee Sook Eun ,  Yool Kwon

发明人： Kyeong Soo Han ,  Jee Sook Eun ,  Yool Kwon

IPC分类号： G06F11/00 ,  H04L9/00 ,  G06F7/04

CPC分类号： H04L9/12 ,  H04L63/068 ,  H04L63/164

摘要： A method for controlling a security channel for reducing system load by extending the use period of a security association key is provided. In this method, an upper bit initial value of an initialization vector of an encryption algorithm and a using range thereof are shared between a transmitting side and a receiving side when a security channel is created. Then, a secure association is created between a transmitting side and a receiving side by setting an association number, a next packet number which is a lower bit value of an initialization vector, and a secure association key. Afterward, a packet number is modified whenever a frame is transmitted until all of packet numbers are used. When all packet numbers are used, the upper bit value of the initialization vector changes.

摘要翻译： 提供了一种通过扩展安全关联密钥的使用周期来控制用于减少系统负载的安全信道的方法。 在该方法中，当创建安全信道时，在发送侧和接收侧之间共享加密算法的初始化向量的高位初始值及其使用范围。 然后，通过设置关联号码，作为初始化向量的较低位值的下一个分组号码和安全关联密钥，在发送侧和接收侧之间建立安全关联。 之后，每当发送帧直到使用所有分组号时，分组号被修改。 当使用所有分组号时，初始化向量的高位值变化。

公开(公告)号：US20080198857A1

公开(公告)日：2008-08-21

申请号：US11514561

申请日：2006-09-01

申请人： Chan Kim ,  Tae Whan Yoo ,  Yool Kwon ,  Bong-Tae Kim

发明人： Chan Kim ,  Tae Whan Yoo ,  Yool Kwon ,  Bong-Tae Kim

IPC分类号： H04L12/66 ,  H04B10/00

CPC分类号： H04Q11/0067 ,  H04Q11/0071 ,  H04Q2011/0064

摘要： The invention relates to an EPON bridge apparatus and a forwarding method thereof. In case of receiving frame from the network port or the PON port, the apparatus associates the port having the received frame inputted with source MAC address of the received frame to learn the information in an FDB table which manages port information for the learned MAC address. Then the apparatus refers to the FDB table to remove LLID from upstream frame, and then forwards the upstream frame to the network port, while attaching LLID corresponding to destination MAC address to downstream frame to transmit to the PON port. Bridging between ONUs are possible with flooding capability using anti-LLID. It provides VLAN-LLID translation mode with support for VLAN tag addition/removal at the ONU side. It also provides multicast pruning function for the downstream.

摘要翻译： 本发明涉及一种EPON桥接装置及其转发方法。 在从网络端口或PON端口接收帧的情况下，该装置将输入的接收帧的端口与接收到的帧的源MAC地址相关联，以学习管理学习MAC地址的端口信息的FDB表中的信息。 然后设备参考FDB表从上行帧删除LLID，然后将上行帧转发到网络端口，同时将对应于目的MAC地址的LLID连接到下游帧，以发送给PON端口。 ONU之间的桥接可以通过使用反向LLID的洪泛功能进行。 它提供VLAN-LLID转换模式，支持ONU侧的VLAN Tag添加/删除。 它还为下游提供组播剪枝功能。