Thursday, July 23, 2009

KERBEROS AUTHENTICATION PROTOCOL

The Internet is the most insecure place in the world. Kerberos, designed by the Massachusetts Institute of Technology, is one of the most secure authentication protocols in use. Many people assume that firewalls can protect the network. But firewalls assume that hackers and crackers are outside the network, and this assumption is false. In the same way, if passwords are sent from one host to another in unencrypted form, they are clearly visible to the bad guys, so the network is highly prone to risk.

Kerberos is an authentication protocol that allows a client and a server to authenticate and communicate in the most secure way. All messages and communication are in encrypted form, which is least likely to be visible to outsiders. Kerberos therefore provides a secure solution for communication.

Thursday, July 9, 2009

Concepts Prior to TCP/IP Transport layer


Let us consider two hosts (computers), host A and host B. The two hosts use a common protocol to communicate with each other on the same layer. The protocol, which is defined for that layer on each host, uses a header that is transmitted between host A and host B for mutual communication. This mode of communication is referred to as same-layer interaction on different computers.

In the TCP/IP protocol architecture, a lower layer provides a service to the layer above it. For example, the transport layer provides a service to the application layer, i.e. TCP (a transport layer protocol) provides a service to HTTP (an application layer protocol). This is the best example to understand: when HTTP requests a web page, it is TCP that carries the request out. This mode of communication is often referred to as adjacent-layer interaction on the same computer.

Application Layer Firewall

Put simply, a firewall that works at the application layer is an application layer firewall.
Because the firewall is placed at the application level, the administrator can block inappropriate content such as websites, spam and viruses.
If the TCP/IP and OSI reference models are compared, the top 3 layers in OSI (Application, Presentation and Session) are treated as only 1 layer in TCP/IP (Application). So the Application layer does not route traffic on the Internet layer (which is done by the other layers in OSI). Only traffic that satisfies the rules set by the administrator is allowed through the firewall.
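
The rule check described above can be sketched as follows; this is an added example, not code from the original post. It decides on application data (the HTTP Host header and body) rather than on addresses and ports. The `Rules` class, the host names and the keyword marker are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Rules:  # hypothetical rule set an administrator would maintain
    blocked_hosts: set = field(default_factory=set)   # websites to block
    blocked_keywords: tuple = ()                       # spam/virus content markers

def parse_http_request(raw):
    """Return (method, path, headers, body), or None if not well-formed HTTP/1.x."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return None
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            return None
        headers[name.strip().lower()] = value.strip()
    return parts[0], parts[1], headers, body

def decide(raw, rules):
    """Return (allowed, reason); traffic passes only if it satisfies every rule."""
    req = parse_http_request(raw)
    if req is None:
        return False, "malformed request"      # unparseable traffic is dropped
    _method, _path, headers, body = req
    host = headers.get("host", "").split(":")[0].lower().rstrip(".")  # strip port
    if not host:
        return False, "missing Host header"
    for blocked in sorted(rules.blocked_hosts):
        # Match the blocked site itself and any of its subdomains.
        if host == blocked or host.endswith("." + blocked):
            return False, "blocked site: " + blocked
    for kw in rules.blocked_keywords:
        if kw.lower().encode() in body.lower():
            return False, "blocked content: " + kw
    return True, "allowed"

# Constructed sample rules and requests (not real traffic).
RULES = Rules({"blocked.example"}, ("CONSTRUCTED-VIRUS-MARKER",))
OK = b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
BAD_HOST = b"GET / HTTP/1.1\r\nHost: www.blocked.example:8080\r\n\r\n"
BAD_BODY = b"POST /up HTTP/1.1\r\nHost: intranet.example\r\n\r\nx CONSTRUCTED-VIRUS-MARKER"

if __name__ == "__main__":
    for request in (OK, BAD_HOST, BAD_BODY):
        print(decide(request, RULES))
```
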