In a preferred embodiment of the invention, a network client (42) inserts an authorization key (38) into the SEQ (30) and ACK (32) fields of a TCP connection request (56). The TCP connection request (56) is sent to a authorizing server (46). The authorizing server (46) extracts the authorization key (38) and uses the authorization key (38), with other implicit and explicit data contained within the TCP connection request (56) to authorize the TCP connection request (56). If the TCP connection request (56) is authorized, the authorizing server (46) sends a TCP-SYN/ACK (58) back to the network client (42) as described in the TCP protocol specification. If the TCP connection request (56) is denied, the TCP connection request (56) is discarded and nothing is sent back to the network client (42).