Virtual route scheme for preventing authentication bypass in the WWW environment

´Authentication bypass´ is an attack that an illegal user utilizes the protected resources by making a detour to avoid identification processes in the digital system. Especially the problem is severe in the WWW environment, which has every resource as static URL(uniform resource location), people don´t have to pass the identification process for accessing the resource. Innumerable security techniques were proposed in the WWW environment, but these mechanisms did not solve the authentication bypass. To solve the authentication bypass, this paper proposes virtual route scheme which keeps up a resource location as dynamic URL. According to the virtual route scheme, a resource is located at where is not belong to the WWW environment. When a user passes an authentication process, the resource holder generates a virtual route for the user to access the resource. The virtual route lasts until the expiration of the user´s authentication session, and it is removed when the user ends his/her session. Virtual route scheme can protect the resource even though an illegal user bypasses the authentication process. Also it is because the resource does not preserve a static URL, virtual route scheme is able to protect the intellectual property rights. Only an authenticated user can be provided a virtual route, which validates identification with the resource´s URL