In a communication network, assume a first computing device is an end user device, a second computing device is a gateway server, and a third computing device is an application server. A method comprises the following steps. The second computing device authenticates one or more packets received from the first computing device. The second computing device marks the one or more packets with a first-layer identity before routing the one or more packets toward the third computing device such that the third computing device is able to authenticate the one or more packets from the first computing device by confirming an association between the first-layer identity and a second-layer identity. For example, the first-layer identity may comprise a link layer identity assigned to the first computing device and the second-layer identity may comprise an application layer identity assigned to the first computing device.