US005 862220A Uted States Patent [19] [11] Patent Number: 5,862,220 Perman [45] Date of Patent: Jan. 19, 1999 [54] METHOD AND APPARATUS FOR USNG 5,538,255 7/1996 Barker - NETWORK ADDRESS NFORMATON TO 5,561,709 10/1996 Remiard..... 379/96 MPROVE THE PERFORMANCE OF 5,564,001 10/1996 Lewis 5,612,730 3/1997 LCWS..... 348/8 [75] nventor: Stephen G. Perman, Mountain View, Caif OTHER PUBLCATONS Matt Rosoff, Review: Gateway Destination PC, c/net inc., 2 pages, Feb. 19, 1996. [73] Assigneej WebTV Networks, nc, Mountain Robert Seidman, Artice: What Larry and Lou Know (That View, Caif, You Don t), c/net inc., 2 pages, Jan. 29, 1996. Susan Stein, Artice: The $500 Web Box: Less is More? [21] APPL NO: 656,923 c/net inc., 2 pages, 1996. [22] Fied: Jun_ 3 1996 Primary Examiner B~ermarr E. Gregory 6 H04L 9/08 H04L 9/00 Attorney, Agent, or Ftrm Workman, Nydegger & Seeey [51] nt. C...... ; [52] US. C...... 380/21; 380/9; 380/10; [57] ABSTRACT 380/49; 380/59 An apparatus and method for using network address infor [58] Fied of Search..... 380/4, 9, 21, 23, mation to improve the performance and increase the func 380/25, 49, 50, 59, 10 tionaity of network transactions. is discosed. n a cient network interface device having a processor and a memory [56] References Cited couped to the processor, the memory having stored therein U'S' PATENT DOCUMENTS sequences of instructions which when executed by the processor cause the processor to perform the steps of: 1) 4,182,933 1/1980 Rosebum..... 380/21 accessing a?rst server over a secure data communication 4,852,151 7/1989 Dittakavi et a- - 379/97 ine to obtain a cient encryption key, 2) accessing a second 478767717 10/1989 Bam f et a1 380/25 server over an unsecure data communication ine to estabish 479227523 5/1990 Hashmoto "" " 379/96 a connection with the second server, 3) encrypting informa 4 975 944 12/1990 Cho """"""" " 379/209 tion sent to the second server over the connection using the 4,995,074 5,005,011 2/1991 Godman et a.. 4/1991 Perman et a... 379/97 340/728 Cient encr t. k bt. d f th? t d 4 _ YP 10 e) O F16 mm 6 rs Server an ) 570567140 10/1991 Kimba 380/23 decrypting information received from the second server over 5,095,494 3/1992 Takahashi et at 375 /10 the connection using the cient encryption key obtained from 5,241,587 8/1993 Horton et a1, 379/92 the?rst server. The present invention further incudes 5,263,084 11/1993 Chaput et a...... 379/215 sequences of instructions which when executed by the 5,299,307 5,287,401 3/1994 2/1994 Young Lin..... 395/161 379/98 processor Connecting Cause to an the unsecure processor Server to perform Over an the unsecure steps of, data 573257423 6/1994 Lews ' communication ine to perform unsecure portions of a data 5,341,293 8/1994 Verteney et a...... 364/419.17 transaction 2) disconnecting from the unsecure Server and 5,369,688 11/1994 Tsukamoto et a........ 379/100 3) connec? n t d t _ 5,410,541 4/1995 H0110...................... 370/76 _ g 0 a a Commu a Secure Server We? a Secure 574257092 6/1995 Quirk 379/215 n1cat1on ine to perform secure portions of the data transac 5,469,540 11/1995 Powers, et a. 395/158 tion 5,488,411 1/1996 Lewis........................ 348/8 5,490,208 2/1996 Remiard..... 379/96 52 Caims, 16 Drawing Sheets CONVENTONAL NETWORK [NTgfQNET V352 fuss MERCHANT : 101m 0F FRVA'E SERVER PRESENCE NOBE SERVER M M w V450. P4854 Vase 1 NETWORK NTERFACE f3 WehTV CLENT (842 (844 (14s CLENT BOX DENTFER ENCRYPTON KEY STORAGE AREA NETWORK ADDRESS STORAGE AREA 41o
U.S. Patent Jan. 19,1999 Sheet 1 0f 16 5,862,220 CABLE PHONE 6 mp4 EEG] MODULE REMOTE CONTROL FG. 1
U.S. Patent Jan. 19,1999 Sheet 2 0f 16 5,862,220 VDEO RF 4:: [:1 u CABLE PHONE 09 E E 9 k J @853 g
U.S. Patent Jan. 19,1999 Sheet 3 0f 16 5,862,220 CABLE PHONE REMOTE CONTROL FG. 3
U.S. Patent Jan. 19,1999 Sheet 4 0f 16 5,862,220 ; VDEO 0R RF k c: E. CABLE PHONE f \ om Lwebvid E 9E ) AC
U.S. Patent Jan. 19,1999 Sheet 5 0f 16 5,862,220 /: L : U RF SDN PHONE r P SDN M KMODEM E! J [-9 w AC (53 (E
U.S. Patent Jan. 19,1999 Sheet 6 0f 16 5,862,220 WebTV SERVER r520 CONVENTONAL NETWORK (NTERNET) WebTV WebTV WebTV CLENT CLENT ' ' CLENT 61 FG. 6
U.S. Patent Jan. 19,1999 Sheet 7 0f 16 5,862,220 WebTV / 620 SERVER CONVENTONAL NETWORK (NTERNET) T10 WebTV WebTV WebTV WebTV CLENT CLENT ' ' CLENT CLENT 61 FG. 7
U.S. Patent Jan. 19,1999 Sheet 8 0f 16 5,862,220 CONVENTONAL NETWORK NTE1RZNET P-852 :fase MERCHANT PONT OF PRVATE SERVER PRESENCE NODE SERVER M m m : i Pr-s50 : {r854 P,_858 NETWORK NTERFACE f8 WebTV CLENT (842 (844 (846 CLENT BOX DENTFER ENCRYPTON KEY STORAGE AREA NETWORK ADDRESS STORAGE AREA 610 f FG. 8
U.S. Patent Jan. 19,1999 Sheet 9 0f 16 5,862,220 (910 (912 (914 NETWORK ADDRESS ENCRYPTON KEY PONT OF PRESENCE DETERMNATON GENERATON LOGC NODE LOCALTY LOGC (AN) AND STORAGE DETERMNATON LOGC [820 PRVATE SERVER NETWORK NTERFACE /84 : r,-sss NETWORK NTERFACE f8 WebTV CLENT f 61 FG. 9
U.S. Patent Jan. 19,1999 Sheet 10 0f 16 5,862,220 (1010 (1012 (1013 CLENT NETWORK CLENTS AUTHENTCATON GEOGRAPHCAL ENCRYPTON DATA DATA KEY STORAGE /620 WebTV SERVER NETWORK NTERFACE A014 /-1020 CONVENTONAL NETWORK (mrggzznsn FG. 10
U.S. Patent Jan. 19,1999 Sheet 11 0f 16 5,862,220 CLENT PROCESSNG LOGC PERFORM A POWER-UP N1T1QLZATON OF THE CLENT THE CLENT CONNECTS TO A PRVATE SERVER OVER A SECURE NETWORK LNE AND GETS THE NETWORK ADDRESS OF THE CLENT FROM THE PRVATE SERVER Leg. GET THE CLENT TELEPHONE NUMBER FROM AN AN SERVER). THE CLENT GE S AN ENCRYPTON KEY FOR THE CLEN; FROM THE P VATE SERVER. STORE THE CLENT NETWORK ADDRESS N A SECURE CLENT STORAGE AREA. STORE THE CLENT ENCRYPTON KE1Y1Z1 A SECURE CLENT STORAGE AREA. GET THE NETWORK ADDRESS OF A LOCAL PONT OF PRESENCE NODE FROM THE PRVATE11S6ERVER. 1_ DSCONNECT FROM THE PRVATE SERVER. CONNECT TO THE DENTFED LO1C8AL PONT OF PRESENCE NODE. OPEN A CONNECTON WTH THE WebTV SERVER THROUGH THE PONT OF PRESENCE NODE USNG THE CLENT ENCRYPTON KEY TO ESTABLSH A SECURE CONNECTON WTH THE WebTV SERVER OVER AN UNSECURE NETWORK LNE. PROVDE THE CLENT BOX DENTFER AND THE CLENT NETWORK ADDRESS TO THE Web1T1éoSERVER. EXT FG. 11
U.S. Patent Jan. 19,1999 Sheet 12 0f 16 5,862,220 ( PRVATE SERVER ) PROCESSNG LOGC RECEVE A REQUEST FROM A CLENT FOR A NETWORK ADDRESS A12J0AN ENCRYPTON KEY USE CONVENTONAL TECHNQUES TO OBTAN THE CLENT NETWORK ADDRESS. FOR A TELEPHONE NETWORK, USE CONVENTONAL AN TO OBTAN CLENT TELEPHO1N2E12NUMBER. DETERMNE F THE CLENT ALREADY HAS AN ENCRYPTON KEY. F NOT, GENERATE AN ENCRYPT?N KEY FOR THE CLENT. USE THE CLENT NETWORK ADDRESS TO DETERMNE WHCH PONT OF PRESENCE NODE S LOCAL TO THE CLENT'S NETWORK ADDRESS. FOR A TELEPHONE NETWORK, THE PRVATE SERVER FNDS THE TELEPHONE NUMBER OF A PONT OF PRESENCE MODEM N TH1E21L6OCAL CALLNG AREA OF THE CLENT. r RETURN A MESSAGE TO THE CLENT NDCATNG THE CLENT NETWORK ADDRESS, THE CLENT ENCRYPTON KEY, AND THE NETWORK ADDRESS OF A LOCAL PONT O1F21PéESENCE NODE. EXT FG. 12
U.S. Patent Jan. 19,1999 Sheet 13 0f 16 5,862,220 ( WebTV SERVER ) PROCESSNG LOGC RECEVE A REQUEST FROM A CLENT FOR AN OPEN CONNECTON. OBTAN THE CLENT BOX DENTFER AND THE CLENT N1EST1WJORK ADDRESS FROM THE REQUEST. F THE WebTV SERVER S A SEPERATE SERVER FROM THE PRVATE SERVER AND THE CLNT AUTHENTCATON DATA FOR THS CLENT HAS NOT YET BEEN NTALZED N THE WebTV SERVER, THE WebTV SERVER OPENS A SECURE CONNECTON WTH THE PRVATE SERVER OVER A SECURE NETWORK LNE AND OBTANS THE ENCRYPTON KEY FOR THE CLENT USNG THE CLENT BOX DENTFER AND THE CLENT NETWORK ADDRESS RECEVED FROM THE CLENT. THE WebTV SERVER DSCONNECTS FROM THE PRVATE SERVER, NTALZES THE CLENT AUTHENTCATON DATA WTH THE ENCRYPTON KE1Y3F1OR THS CLENT. THE WebTV SERVER COMPARES THE CLENT BOX DENTFER AND THE CLENT NETWORK ADDRESS WTH CLENT AUTHENTCATON DATA N THE WebTV SERVER. m2 CLENT AUTHENTCATED '? M RETURN ERROR TO CLENT NDCATNG AUTHENTCATON FALURE. M OPEN THE CONNECTON TO THE AUTHENTCATED CLENT M EXT FG. 13
U.S. Patent Jan. 19,1999 Sheet 14 0f 16 5,862,220 P RECEVE A SERVCE REQUEST FR1O1A0THE CLENT. CAN THE SERVCE REQUEST BE OPTMZED FOR GEOGRAPHCAL LOC1A4L1;Y? OBTAN REQUESTNG CLENT'S NETWOR1K41A4ODRESS. USE CLENT NETWORK ADDRESS TO LOOK UP THE CLENT'S GEOGRAPHCAL LOCALTY N THE NETWORK GE01Gt1RgPHCAL DATA. OPTMZE THE SERVCE REQUEST FOR THE CLENT'S GEOGRAtPgCAL LOCALTY. EXT FG. 14
U.S. Patent Jan. 19,1999 Sheet 15 0f 16 5,862,220 PRVATE SERVER PROCESSNG LOGC (commusn) RECEVE A REQUEST FROM THE WebTV SERVER FOR THE ENCRYPTON KEY OF A CLENT. REQUEST NCLUDES CLENT BO15N3MBER AND CLENT NETWORK ADDRESS. VERFY THAT THE REQUESTER S N FACT THE WebTV SERVER. USE THE PROVDED CLENT BOX NUMBER AND THE CLENT NETWORK ADDRESS TO OBTAN THE ENCRYPTON K5E1Y4FOR THS CLENT. RETURN A MESSAGE TO THE WebTV SERVER NDCATNG THE CLENT ENCRY1 g1gn KEY. EXT FG. 15
U.S. Patent Jan. 19,1999 Sheet 16 0f 16 5,862,220 CLENT PROCESSNG LOGC (FOR PLAYNG REAL-TME NETWORK GAMES) PERFORM A POWER-UP NTA1L61Z$TON OF THE LOCAL CLENT. OPEN A CONNECTON BETWEEN THE LOCAL CLENT AND THE WebTV SERVER THROUGH THE PONT OF PRESENCE NODE OVER A NON-REAL-TME NETWORK LNE. PROVDE THE LOCAL CLENT BOX DENTFER AND THE LOCAL CLENT NETWORK ADORESS1T6O2THE WebTV SERVER. LOCAL CLENT REQUESTS WebTV SERVER TO MATCH THE LOCAL CLENT WTH ANOTHER REMOTE GAME PLAYER kremote CLENTzz. LOCAL CLENT SPECFES GAME TTLE, SKLL LEVEL, AND OTHE NFOMQTON ELAYED TO PLAYER MATCHNG. WebTV SERVER RESPONDS TO THE LOCAL CLENT REQUEST WTH THE NETWORK ADDRESS OF A REMOTE CLENT WHO PREVOUSLY REQUESTED MATCHNG FOR PLAYNG THE SPEC1F61E6D REAL TME GAME. LOCAL CLENT DSCONNEC1T6S18FROM THE WebTV SERVER. THE LOCAL CLENT USES THE NETWORK ADDRESS OF THE MATCHED REMOTE CLENT OBTANED FROM THE WebTV SERVER (e? THE REMOTE CLENT TELEPHONE NUMBER). TO ESTABLSH A DRECT COMMUNCAT ON LNK WTH THE REMOTE CLENT OVER A REAL-TME NETWORK LNE. REAL-TME GAME PLAYNG MAY THEN BE NTATED OVER THE REAL-TME NETWORK LNE. M EXT FG. 16
1 METHOD AND APPARATUS FOR USNG NETWORK ADDRESS NFORMATON TO MPROVE THE PERFORMANCE OF NETWORK TRANSACTONS BACKGROUND OF THE NVENTON 1. Fied of the nvention This invention is in the?ed of teecommunications, as it reates to the use of network address information for net work transactions. 2. Cross-References to Reated Appications The present appication is reated to the foowing co-pending US. patent appications: US. patent appication entited, Web Browser Aowing Navigation Between Hypertext Objects Using Remote Contro, having appication Ser. No. 08/660,088, and?ed on Jun. 3, 1996, now pending; and US. patent appication entited, Method and Apparatus for Providing Proxying and Transcoding of Documents in a Network, having appication Ser. No. 08/656,924, and?ed on Jun. 3, 1996, now pending; US. patent appication entited, Method and Apparatus For Managing Communications Between a Cient and a Server in a Network, having appication Ser. No. 08/660, 087, and?ed on Jun. 3, 1996, now pending; which are assigned to the assignee of the present invention. 3. Description of Reated Art Conventiona computer network protocos are designed to operate within a given network topoogy. These protocos are?exibe enough to hande many different arrangements of nodes and robust enough to hande changes in the topoogy as computers are added or removed from the network. Because of the need to maintain?exibiity and mobiity, conventiona networks do not rey on information that is speci?c to a particuar geographic ocation. These network protocos usuay consider geographic indepen dence to be an advantage. n many areas of the United States, it is possibe to determine a caing teephone number from the teephone network. Teephone network services such as Caer D and Automatic Number denti?cation (AN) can provide a ca er s teephone number to a suitaby equipped teephone answering device, and then the teephone number can be transferred to a server couped to the answering device. n many caing areas, however, Caer D and Automatic Number denti?cation are not avaiabe either for technica or egisative reasons. n such areas it may be possibe to verify a user s area code, and possiby the caing area (eg city), but in some cases no identi?cation at a is possibe. Without a direct method to identify or verify a user s teephone number, indirect methods can be used. n various ways, therefore, conventiona means are avai abe for obtaining information pertaining to a particuar network node or network user. Athough this information is avaiabe, conventiona network protocos do not provide the functionaity to obtain this information or to use the infor mation to optimize the operation of the network. Thus, a better means and method is needed for optimizing network transactions. SUMMARY OF THE NVENTON The present invention is an apparatus and method for using network address information to improve the perfor mance and increase the functionaity of network transac 5,862,220 15 25 35 45 55 65 2 tions. A cient network interface device is discosed as having a processor and a memory couped to the processor, the memory having stored therein sequences of instructions which when executed by the processor cause the processor to perform the steps of: 1) accessing a?rst server over a secure data communication ine to obtain a cient encryption key, 2) accessing a second server over an unsecure data communication ine to estabish a connection with the second server, 3) encrypting information sent to the second server over the connection using the cient encryption key obtained from the?rst server, and 4) decrypting information received from the second server over the connection using the cient encryption key obtained from the?rst server. The present invention further incudes a cient network interface device having a processor and a memory couped to the processor, the memory having stored therein sequences of instructions which when executed by the processor cause the processor to perform the steps of, 1) connecting to an unsecure server over an unsecure data communication ine to perform unsecure portions of a data transaction, 2) disconnecting from the unsecure server; and 3) connecting to a secure server over a secure data communication ine to perform secure portions of the data transaction. t is an advantage of the present invention that informa tion externa to a network can be obtained and used to optimize network transactions. t is a further advantage of the present invention that automatic number identi?cation provided in a conventiona teephone network can be used to improve the performance and increase the functionaity of network transactions. These and other advantages of the present invention are fuy described in the foowing detaied description of the preferred embodiment. BREF DESCRPTON OF THE DRAWNGS The features and advantages of the present invention wi be apparent from the accompanying drawings and from the detaied description of the preferred embodiment of the present invention as set forth beow. FG. 1 iustrates the present invention as impemented on a modue for use in a teevision set. FG. 2 iustrates the present invention as impemented with an integrated cabe modem and decoder. FG. 3 iustrates the present invention as integrated in a teevision set. FG. 4 iustrates the present invention as impemented with a cabe modem and video input. FG. 5 iustrates the present invention as impemented with an SDN modem. FG. 6 iustrates the network con?guration of the present invention. FG. 7 iustrates the network con?guration of the present invention with point of presence (POP) nodes. FG. 8 iustrates the interna structure of the WebTV cient of the present invention. FG. 9 iustrates the interna structure of the private server of the present invention. FG. 10 iustrates the interna structure of the WebTV server of the present invention. FGS. 11 16 are?owcharts iustrating the processing ogic How of the present invention. DETALED DESCRPTON OF THE PREFERRED EMBODMENT The present invention is an apparatus and method for using network address information to improve the perfor
3 mance of network transactions. n the foowing detaied description, numerous speci?c detais are set forth in order to provide a thorough understanding of the present inven tion. However, it wi be apparent to one of ordinary ski in the art that these speci?c detais need not be used to practice the present invention. n other instances, we known structures, interfaces, and processes have not been shown in detai in order not to unnecessariy obscure the present invention. WebTVTM The preferred embodiment of the present invention is a ow-cost network interface device (WebTVTM) that uses a standard teevision set as a dispay device and standard teephone ines and/or other residentia communication net works as a network transport medium. The network interface device can be impemented as a system in various forms. FG. 1 iustrates the network device as a modue inserted into a jack provided on a standard teevision. FG. 2 ius trates the network interface device as a device with an integrated cabe modem and decoder buit in. FG. 3 ius trates the network interface device as an integrated unit buit into a teevision set. FG. 4 iustrates the network interface device as a device with a buit in video interface and cabe modem. FG. 5 iustrates the network interface device with a buit in SDN (ntegrated Services Digita Network) modem. n each case, a standard teephone connection is provided for the network interface device of the present invention to enabe communication over the conventiona teephone network. n con?gurations with cabe modem capabiity, communication over a cabe network is possibe in addition to communication over the teephone network. The cabe network is typicay much faster (i.e. provides a much greater bandwidth) than the standard teephone net work; however, cabe modems are typicay more expensive than standard POTS (as it is known in the art, Pain Od Teephone Service ) teephone modems. n an SDN con?guration, the network interface device has both an SDN modem and a standard POTS modem. Again, the SDN network is typicay faster than the POTS teephone network; however, SDN is currenty more expensive. n the preferred embodiment and in the description that foows, the present invention is described in the context of severa different types of networks or portions of a network. Speci?cay, the foowing de?nitions carify the different network types in which the preferred embodiment operates. These different network types incude: the conventiona POTS teephone network, the nternet network, Word Wide Web network, and the WebTV network. The POTS teephone network is a switched-circuit network that con nects a cient to a point of presence (POP) node or directy to a private server. The POP node and the private server connect the cient to the nternet network, which is a packet-switched network using a transmission contro protoco/nternet protoco (TCP/P). The Word Wide Web (WWW) network uses a hypertext transfer protoco (HTTP) and is impemented within the nternet network and sup ported by hypertext mark-up anguage (HTML) servers. The WebTV network uses an HTTP-based set of protocos impemented within the WWW network and supported by one or more HTML servers. The WebTV network connects each cient having a WebTV network interface device to other WebTV cients and to WebTV services. WebTV cients can aso browse information on a wide-area network reached through one of the network connections, such as the nternet or Word Wide Web (WWW), using the network interface device and the browser software provided therein. Athough the WebTV 5,862,220 15 25 35 45 55 65 4 browser is capabe of browsing the Word Wide Web directy, the WebTV network improves services beyond basic nternet access in severa ways. WebTV network services, incuding user registration and eectronic mai (emai) are provided on the WebTV network. The WebTV network aso improves user services by acceerating brows ing to far away WWW sites and by eiminating deays. n addition, the WebTV network provides content taiored to the WebTV cient s geographic area (geographic taioring). n this manner, cient access to ocaized services is improved. The WebTV network interface device can aso ef?cienty taior a response to a cient or use an appropriate network medium that reates to a particuar cient request. For exampe, the higher cost SDN or cabe network media can be used when high data rates are required, whie the ess expensive POTS teephone network can be used for ess critica or ower data rate transactions. The WebTV network can aso offoad storage from the WebTV network interface device, thereby reducing its cost. Referring to FG. 6, the basic construct of the WebTV network of the present invention is iustrated. A puraity of WebTV cients 610, each being a network interface device such as the WebTV network interface device described above, are couped to a WebTV server 620 via a conven tiona network infrastructure 612, such as the nternet and WWW. The WebTV server 620 is a standard networked computer system (eg a Sun Microsystems SparcStation) upon which software impementing the network functiona ity of the present invention is executed. This functionaity is described beow. Referring to FG. 7, an aternative embodiment of the basic construct of the WebTV network of the present inven tion is iustrated. A puraity of WebTV cients 610, each being a network interface device such as the WebTV net work interface device described above, are aternativey couped to a puraity of point of presence (POP) nodes 710. The point of presence nodes 710 provide a means by which cients 610 can access the network 612 through a oca node rather than incurring higher cost direct connections to net work 612. n a teephone network, for exampe, it is ess expensive for a cient 610 to estabish a teephone connec tion with a oca point of presence node 710 (i.e. modem in the case of a teephone network) in the oca caing area of the cient 610 rather than make a ong distance ca to a node of network 612. n the con?guration shown in FG. 7, cost bene?ts for the cient can be reaized. The present invention, however, is not constrained to this con?guration. Rather, the present invention can be impemented in either of the network con?gurations iustrated in FG. 6, FG. 7, or other equivaent network con?gurations. Use of Automatic Number denti?cation (AN) for secu rity veri?cation and authentication purposes. AN can be a effective too for verifying the ocation from which a network access is being made. For exampe, a WebTV cient network interface device 610 may access the WebTV network server 620 to request a particuar type of service. n some circumstances, it is necessary or desirabe to verify a cient s identity before performing the requested service. Teephone network services such as Caer D and Automatic Number denti?cation (AN) can be used to provide a requesting cient s teephone number to the WebTV server 620. This can be performed transparenty to the cient user. The WebTV server 620 may use the request ing cient s teephone number to authorize the competion of a requested service by comparing the requesting cient s teephone number to a ist of authorized teephone numbers maintained in the server 620. f the requesting cient s
5 teephone number is on the server ist, the requested service is competed for the cient. f the requesting cient s tee phone number is not on the server ist for the requested service, the cient is noti?ed that the requested service cannot be performed. Since AN and Caer D cannot be faked by a surreptitious user, this feature of the present invention aows the WebTV network to provide a signi? cant eve of security for network transactions. This authen tication feature is described in more detai in the foowing sections. There are a very few areas of the US. Where AN is not avaiabe. n such areas, the private server of the present invention Wi detect the ack of AN and direct the cient software to prompt the user for entry of a teephone number. Athough the present invention cannot verify the accuracy of the user-entered teephone number, the present invention can nevertheess verify that the user-entered teephone number is not a teephone number from an area With AN coverage. Another test can be performed to verify that the assumed teephone number (Whether obtained from AN or user entry) of a cient network interface device 610 is probaby correct. That is, the cient software in the cient network interface device 610 can direct the cient to dia its own assumed teephone number. f the diaed teephone number is not busy (i.e. a ring signa or disconnect signa is detected), the assumed cient teephone number cannot be correct. f the diaed teephone number is busy, the assumed cient teephone number probaby is correct; because, most teephone numbers are not busy the vast majority of the time. These tests provide a nomina eve of cient teephone number vaidation in areas With or Without AN service. Even in the very few areas of the US. and most of the Word Where AN service is not avaiabe, the process of the present invention for obtaining a secure encryption key and for performing secure transactions via a secure network to a private server sti operates. The ony capabiity ost in these areas is the automatic veri?cation of geographic ocaity provided by the present invention and described in more detai beow. Referring now to FGS. 8 through 15, bock diagrams and How charts iustrate the authentication feature of the pre ferred embodiment of the present invention. Referring now to FG. 8, the interface between the WebTV cient 610 and the conventiona network 612 is iustrated. n the preferred embodiment, WebTV cient 610 transmits and receives information over a direct communication channe 852 through network interface 840. Many conventiona commu nication channes such as channe 852 exists in the prior art. These communication channes incude conventiona POTS teephone ines through modems, integrated services digita network (SDN) ines, dedicated Wire or?ber optic ines. Aternativey, WebTV cient 610 may be couped to conventiona network 612 through a point of presence node 810. As described earier, point of presence node 810 provides a means for WebTV cient 610 to interface With conventiona network 612 through a oca point of presence node 810. n this manner, the communication channe 854 between cient 610 and point of presence node 810 can be a ess expensive channe than the direct connect channe 852. n either con?guration, WebTV cient 610 is enabed to transmit and receive information via conventiona network 612. One characteristic of the conventiona network 612 such as the nternet is the reativey unsecure transmission envi ronment over the conventiona network. Because of this unsecure characteristic of conventiona network 612, con?dentia communications, commercia transactions, or other 5,862,220 10 25 35 45 55 65 6 transfers of information or transactions requiring a secure environment cannot take pace. For this reason, the present invention adds additiona functionaity to authenticate a particuar WebTV cient and estabish a secure and con? dentia communication between WebTV cient 610 and WebTV server 620. A private server 820 is used in the preferred embodiment of the present invention to create a secure network environment in a manner to be described in more detai beow. Referring again to FG. 8, private server 820 is shown couped to cient 610 via a secure communication ine 858. Secure communication ine 858 can be any of a number of conventiona secure communication techniques empoyed in the prior art incuding direct POTS teephone ine connections, dedicated transmission ines, or point-to-point data communications media. n the preferred embodiment, a secure communication between WebTV cient 610 and pri vate server 820 is estabished by use of a pre-assigned (800) teephone number that estabishes a direct point-to-point communication ink between private server 820 and cient 610. n this manner, a secure communication environment between cient 610 and private server 820 can be guaranteed. Using the techniques of the present invention as described beow, WebTV cient 610 initiay estabishes a secure communication With private server 820 in order to subse quenty estabish a secure communication environment through conventiona network 612. n order to estabish a secure communication environment With conventiona network 612, WebTV cient 610 incudes a cient box identi?er 842. Cient box identi?er 842 is an eectronicay readabe unique number or aphanumeric string Which differentiates a particuar WebTV cient unit 610 from a others. Conventiona techniques are We known for instaing a unique identi?cation code in an eectronic device. WebTV cient 610 aso incudes an encryption key storage area 844 and a network address storage area 846. Storage areas 844 and 846 are eectronicay readabe and modi?abe memory ocations used for the storage of particuar items of information used during the authentication process of the present invention. Encryption key storage area 844 is used for the storage of an encryption key provided by the private server 820 and used by cient 610 in its communications through conventiona network 612. NetWork address storage area 846 is used for the storage of a network address at Which WebTV cient 610 is currenty ocated. n the case of a teephone ink between cient 610 and network 612, the cient network address represents the teephone number from Which cient 610 is caing. Both encryption key 844 and network address 846 may be stored in a variety of conventiona memory means incuding battery-backed CMOS memory,?ash memory, dynamic random access memory (DRAM), or static random access memory (SRAM). The WebTV cient 610, WebTV server 620, and private server 820 may incude computer-readabe media having stored thereon computer-executabe instructions for execut ing seected steps of the methods discosed herein. By Way of exampe, and not imitation, such computer readabe media comprise RAM, ROM, EEPROM, CD-ROM or other optica disk storage, magnetic disk storage or other magnetic storage devices, or any other medium Which can be used to store the desired executabe instructions and Which can be accessed by a genera purpose or specia purpose computer. Combination of the above are aso incuded Within the scope of computer readabe media. Referring now to FG. 9, the interna components of private server 820 (?rst server) used for authentication are