Method and base station for packet transfer

Abstract

A method of packet transfer is provided to resolve the problem of fraudulent access to user LANs through falsified source address so that only those pre-registered terminals are permitted to transfer packets with specific data networks. Each user LAN is assigned an identifier to identify respective user LAN beforehand. Packet network stores terminal information including terminal addresses, identifiers assigned to one and more user LANs that are permitted to communicate with each packet terminal and information necessary for terminal authentication beforehand. When the packet terminal starts a communication through a base station, the packet network authenticates the packet terminal, and if it is an unauthorized terminal, the packet network informs a denial for communication to the packet terminal. If an allowance for communication is obtained by authentication, the packet terminal encrypts data to be transmitted and sends a packet to the packet network with an attachment containing the encrypted data, identifiers for the selected user LAN among one and more user LANs, the destination address and the source address. Packet network receives the packet, and while decoding the encrypted data included in the received packet, detects tampering, and if tampering is detected, the received packet is discarded, but if there is no tampering, it checks whether the identity of source address and the identifier is registered in the terminal information, and if the identity is registered, the received packet is sent to the destination address, and if the identity is not registered, the received packet is discarded.