Ethernet passive optical networks (EPONs) are promising communication technologies for Distribution automation system (DAS). However, EPONs have very specific security requirements, due to the broadcast character of the transmission medium. Based on the hierarchical network model, this paper proposes an access control scheme for DAS using EPON, where the mutual authentication and key establishment between the OLT and the ONU is accomplished. The proposed scheme utilizes identity-based cryptosystem and is compatible with the ONU’s auto-discovery process in EPON. The analysis results show that the proposed scheme satisfies the strong security, sound scalability and efficiency simultaneously.