Patent 7490151

Prior art

Earlier patents, publications, and products that may anticipate or render the claims unpatentable.

Active provider: Google · gemini-2.5-flash


The US patent 7490151, titled "Establishment of a secure communication link based on a domain name service (DNS) request," describes a method, system, and DNS proxy server for establishing a secure communication link between two computers. The core of the invention involves a first computer sending a DNS request for a domain name associated with a second computer, where the request includes an identification of the first computer. A DNS proxy server intercepts this request, generates multiple Internet Protocol (IP) addresses for the second computer from a predetermined block, and sends these addresses back to the first computer in a DNS response. These multiple IP addresses are then used to establish the secure communication link. The patent was filed on September 30, 2002, and published on February 10, 2009, with a priority date of October 30, 1998.

The claims of US7490151 focus on:

  • Claim 1 (Method): Sending a DNS request with first computer identification, receiving it at a DNS proxy, generating multiple IP addresses from a block at the proxy in response to the request, sending these IPs in a DNS response, and establishing a secure link using these IPs.
  • Claim 18 (System): A system including a first computer, a DNS proxy server, and a second computer configured to perform the method steps of Claim 1.
  • Claim 26 (DNS Proxy Server): A DNS proxy server with a receiver for the DNS request, a generator for the multiple IP addresses from a block, and a transmitter for the DNS response, all for establishing a secure communication link.
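The request/response flow recited in Claim 1, sketched as an added example (not code from the patent or from the original page). The address block, domain name, key, the HMAC-based selection, and the handling of non-matching or unidentified requests are all assumptions made for illustration; the summary above does not say how the addresses are chosen.

```python
import hashlib
import hmac
import ipaddress

# Constructed values: nothing here comes from the patent text.
SECURE_NAMES = {"secure.example.com"}                    # names the proxy intercepts
ADDRESS_BLOCK = ipaddress.ip_network("198.51.100.0/24")  # the "predetermined block"
PROXY_KEY = b"constructed-demo-key"


def generate_addresses(client_id, name, count=4):
    """Derive `count` distinct addresses from ADDRESS_BLOCK for one request.

    Assumption: selection is keyed on the requester's identification, so the
    proxy can reproduce what it handed out without storing per-client state.
    """
    hosts = list(ADDRESS_BLOCK.hosts())
    chosen, counter = [], 0
    while len(chosen) < count:
        msg = f"{client_id}|{name}|{counter}".encode()
        digest = hmac.new(PROXY_KEY, msg, hashlib.sha256).digest()
        addr = hosts[int.from_bytes(digest[:4], "big") % len(hosts)]
        if addr not in chosen:
            chosen.append(addr)
        counter += 1
    return chosen


def proxy_handle(request):
    """DNS proxy step: answer intercepted names with multiple addresses."""
    name, client_id = request["qname"], request.get("client_id")
    if name not in SECURE_NAMES:
        # Assumption: ordinary lookups go to a normal resolver untouched.
        return {"qname": name, "action": "forward", "addresses": []}
    if not client_id:
        # Assumption: a request lacking the first computer's ID is refused.
        return {"qname": name, "action": "refuse", "addresses": []}
    return {"qname": name, "action": "answer",
            "addresses": generate_addresses(client_id, name)}


def link_accepts(response, packet_dst):
    """Endpoint check: link traffic must target one of the issued addresses."""
    return ipaddress.ip_address(packet_dst) in response["addresses"]


if __name__ == "__main__":
    resp = proxy_handle({"qname": "secure.example.com", "client_id": "host-a"})
    print(resp["action"], [str(a) for a in resp["addresses"]])
```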

A comprehensive review of the "Prior art references" section from the Google Patents page for US7490151 reveals a significant number of cited patents. Many of these patents, particularly those by D'Eon et al., are related to secure communications, IP address hopping, and virtual private networks, suggesting a lineage within similar technologies. For brevity, and to highlight the most relevant prior art directly addressing the novel aspects of US7490151 (specifically the DNS proxy involvement in generating multiple IPs for a secure link), a selected subset of the cited patents is analyzed in detail. The D'Eon et al. patents appear to be a large family of related applications from the same assignee and often share common inventive concepts.

Most Relevant Prior Art for US7490151

Based on the core inventive concept of using a DNS request and a DNS proxy to facilitate the establishment of a secure link with multiple IP addresses, the following prior art references are considered particularly relevant.

1. U.S. Patent 5,764,767

  • Full Citation: US5764767A, "Secure connection management system and method," by Cramer et al., published on June 9, 1998.
  • Publication/Filing Date: Published: 1998-06-09, Filed: 1996-03-29.
  • Brief Description: This patent describes a system and method for establishing and managing secure connections over a public network, such as the Internet, using security servers. It focuses on cryptographic key exchange and tunnel establishment between a client and a security server, and between security servers, to create secure communication paths. While it discusses secure connections and tunnels, it does not explicitly detail the use of a DNS proxy to provide multiple IP addresses in response to a DNS request to facilitate such a connection.
  • Potential Anticipation (35 U.S.C. § 102): US5764767A teaches a system for establishing secure communication links (e.g., VPNs) between a client and a server. This could potentially anticipate the general concept of establishing a "secure communication link" as recited in the preambles of claims 1, 18, and 26 of US7490151. However, it does not appear to teach the specific mechanism of using a "DNS request" that "comprises an identification of the first computer," a "DNS proxy server" that "generates a plurality of Internet Protocol (IP) addresses for the second computer," or the establishment of the secure link "using the plurality of IP addresses." Thus, it might anticipate the broad objective but not the specific claimed means.

2. U.S. Patent 5,892,903

  • Full Citation: US5892903A, "Method and apparatus for routing data through a network," by Klausner et al., published on April 6, 1999.
  • Publication/Filing Date: Published: 1999-04-06, Filed: 1996-09-19.
  • Brief Description: This patent describes a method for routing data through a network by establishing a secure, anonymous path between two nodes. It discusses the use of proxy servers or routers to obscure the origin and destination of communications, often involving multiple hops and encryption to enhance privacy and security. While it emphasizes anonymous and secure routing, it does not specifically describe using a DNS request as the trigger for obtaining multiple dynamic IP addresses from a proxy for the secure connection.
  • Potential Anticipation (35 U.S.C. § 102): US5892903A is relevant to the broader concept of secure communication over a network and the use of intermediate nodes (proxies/routers) to enhance anonymity. Elements such as "secure communication link" in claims 1, 18, and 26 of US7490151 might find general support here. However, the specific inventive steps of US7490151, such as initiating the process with a DNS request, the DNS request including client identification, a DNS proxy generating a plurality of IP addresses, and then using these multiple IP addresses for the secure link, are not explicitly disclosed in the abstract of US5892903A.

3. U.S. Patent 7,010,604

  • Full Citation: US7010604B1, "System and method for creating a virtual private network," by D'Eon et al., published on March 14, 2006.

  • Publication/Filing Date: Published: 2006-03-14, Filed: 1999-10-29.

  • Brief Description: This patent (and the many other D'Eon et al. patents cited, many of which share a common priority date) describes a system and method for creating a virtual private network (VPN) using "TARP" (Trusted Anonymous Relay Protocol) routers and techniques like IP agility (changing IP addresses). It details how client computers and TARP routers establish secure sessions using shared algorithms for IP address hopping. This patent family is closely related to the assignee of US7490151. Critically, US7490151's priority is claimed from US09/429,643, which is likely a parent application to many of these D'Eon et al. patents or part of the same patent family.

  • Potential Anticipation (35 U.S.C. § 102): Given the shared inventors and assignee, and the common underlying "TARP" technology, US7010604B1 (and its many related D'Eon et al. patents) is highly relevant prior art. It teaches the establishment of secure communication links (VPNs) between computers using dynamically changing IP addresses (IP hopping) for enhanced security and anonymity. This directly relates to the "secure communication link" aspect of US7490151. The description of TARP in US7490151 states that "IP address changes made by TARP terminals and routers can be done at regular intervals, at random intervals, or upon detection of 'attacks.'" Furthermore, US7490151 itself references "a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry" in its own description of improvements.

    The key question for anticipation under § 102 would be whether US7010604B1 (or its priority documents) explicitly discloses the specific combination of:

    1. A DNS request for a domain name associated with the second computer.
    2. The DNS request comprising an identification of the first computer.
    3. A DNS proxy server configured to intercept DNS requests for the domain name.
    4. The DNS proxy server generating a plurality of IP addresses for the second computer from a predetermined block in response to the DNS request.
    5. The DNS proxy server sending a DNS response comprising the plurality of IP addresses.
    6. The establishment of a secure communication link using the plurality of IP addresses.

    While US7010604B1 strongly suggests IP agility and secure link establishment, its abstract does not explicitly detail the DNS proxy-based mechanism for dynamically providing multiple IP addresses in response to a DNS query as the initiation point for the secure link, which is a distinguishing feature of US7490151's claims. If an earlier D'Eon et al. patent explicitly detailed the DNS proxy functionality as claimed in US7490151 and had a priority date preceding US7490151's effective filing date, it would be highly anticipatory. Without a deep dive into the full specification and claims of US7010604B1 and its entire family, it is difficult to definitively say it anticipates all elements of US7490151's claims. However, it certainly covers the broad concepts of secure communication and IP agility that form the basis upon which US7490151 builds its specific DNS-driven solution. Claims 1, 18, and 26 could be challenged for obviousness (35 U.S.C. § 103) in light of US7010604B1 and general DNS practices, as the idea of using DNS to facilitate network connections is well-known.

The substantial number of D'Eon et al. patents (many with publication dates after the filing date of US7490151, but often sharing earlier priority dates) indicates a broad and evolving patent landscape around secure networking and IP hopping. A thorough analysis of prior art would necessitate a detailed examination of the earliest priority documents within the D'Eon et al. family that disclose aspects related to dynamic IP assignment and secure link establishment. However, without direct access to the full text and prosecution history of each, this analysis provides a high-level assessment.

Generated 5/29/2026, 8:51:04 PM