The present invention relates to a method and network element for
providing secure access to a packet data network, wherein a first source
information is derived from a message received from a terminal device
(40, 60), and is compared with a second source information derived from a
packet data unit used for conveying said message, or derived from a
security association set up between the terminal device and the data
network. A protection processing for protecting the packet data network
from a fraudulent user attack is then initiated based on the comparing
result. Thereby, a simple and efficient protection mechanism can be
provided without sending any additional information or providing any
additional fields in the message.