Security mechanism for mobile users

The invention claimed is: 1. A wireless communication device for use in a cellular network, the device comprising: a radio interface configured to enable communication between the device and a base station of the cellular network over a radio link; a transfer entity configured to exchange user data packets with a core network node of said cellular network over a signaling connection within a Non Access Stratum, via said radio link: and a data transmission verification entity configured to use a verifiable acknowledgement, received from said core network node over the signaling connection, to confirm delivery of a user data packet sent to the core network node over the signaling connection, the data transmission verification entity being further configured to selectively include, with the user data packet sent to said core network node across the signaling connection, a request to return to the device the verifiable acknowledgement for the sent user data packet; wherein the verifiable acknowledgement allows the wireless communication device to verify that the verifiable acknowledgement has actually been sent by said core network node with which the device intends to communicate. 2. The wireless communication device of claim 1 , wherein said wireless communication device is configured for use with a 3G cellular communication network and said transfer entity is configured to exchange said user data packets with a Serving GPRS Support Node (SGSN) across the Non Access Stratum. 3. The wireless communication device of claim 1 , wherein said wireless communication device is configured for use with a Long Term Evolution communication network and wherein said transfer entity is configured to exchange said user data packets with a Mobility Management Entity (MME) across the Non Access Stratum. 4. The wireless communication device of claim 1 , wherein said data transmission verification entity is configured to verify an acknowledgement using a secret shared between the wireless communication device and the core network node. 5. The wireless communication device of claim 1 , wherein said transfer entity is configured to include with sent user data packets an identity of a destination entity to which the core network node should forward the user data packets. 6. The wireless communication device of claim 1 , wherein said data transmission verification entity is configured to include said request within only a fraction of sent user data packets. 7. The wireless communication device of claim 6 and further comprising a handover controller configured to inform said data transmission verification entity that a handover to a new base station has been performed, and wherein said data transmission verification entity is further configured to send, at handover, said request together with at least one outgoing user data packet. 8. The wireless communication device of claim 6 , wherein said data transmission verification entity is configured to periodically include said request within sent user data packets. 9. An apparatus configured for use within a core network of a cellular communication network, the apparatus comprising: a transfer entity configured to exchange user data packets with user terminals over a signaling connection within a Non Access Stratum, via a radio link; and a data transmission verification entity configured to selectively send verifiable acknowledgements, in respect of user data packets received from user terminals, to those user terminals across said signaling connection, the data transmission verification entity being configured to send a verifiable acknowledgement to a user terminal in response to receipt from that user terminal of a user data packet containing a request for the verifiable acknowledgement; wherein the verifiable acknowledgement allows the user terminal to verify that the verifiable acknowledgement has actually been sent by the apparatus within the core network. 10. The apparatus of claim 9 , wherein the apparatus is configured to provide mobility management for user terminals. 11. The apparatus of claim 10 , wherein the apparatus is configured to operate as one of a Serving GPRS Support Node (SGSN) of a 3G network, and a Mobility Management Entity (MME) of a Long Term Evolution (LTE) network. 12. The apparatus of claim 9 , wherein said data transmission verification entity is configured to send the verifiable acknowledgement in response to an internally generated trigger, or a trigger generated at another node within the cellular network. 13. A method of sending data from a wireless communication device to a core network node within a cellular network, the method comprising: exchanging user data packets between the wireless communication device and the core network node over a signaling connection within a Non Access Stratum, via a radio link; including, within a user data packet sent to said core network node across the signaling connection, a request to return to the wireless communication device a verifiable acknowledgement for the sent user data packet; and at said wireless communication device, using the verifiable acknowledgement, received from said core network node over said signaling connection, to confirm delivery of the user data packet sent to the core network node over said signaling connection; wherein the verifiable acknowledgement allows said wireless communication device to verify that the verifiable acknowledgement has actually been sent by the core network node with which the wireless communication device intends to communicate. 14. The method of claim 13 , further comprising including said request within only a fraction of sent user data packets. 15. An apparatus configured for use within a core network of a cellular communication network, the apparatus comprising: a transfer entity configured to exchange user data packets with user terminals over a signaling connection within a Non Access Stratum, via a radio link; and a data transmission verification entity configured to selectively send verifiable acknowledgements, in respect of user data packets received from user terminals, to those user terminals across said signaling connection, the data transmission verification entity being configured to send a verifiable acknowledgement to a user terminal in response to an internally or core generated trigger indicating a mobility event for that user terminal; wherein the verifiable acknowledgement allows the user terminal to verify that the verifiable acknowledgement has actually been sent by the apparatus within the core network with which the user terminal intends to communicate.