A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication?

A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication?
A . Generate a one-time key as part of the device registration process.
B . Require SSL between the mobile application and the web services gateway.
C . The jsession cookie should be stored securely after authentication.
D . Authentication assertion should be stored securely on the client.

View Answer

Answer: D