NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Derived PIV Application and Data Model Test Guidelines

Published

Author(s)

David Cooper, Hildegard Ferraiolo, Ramaswamy Chandramouli, Nabil Ghadiali, Jason Mohler, Steven Brady

Abstract

NIST Special Publication (SP) 800-157 contains technical guidelines for the implementation of standards-based, secure, reliable, interoperable Public Key Infrastructure (PKI)-based identity credentials that are issued for mobile devices by federal departments and agencies to individuals who possess and prove control over a valid Personal Identity Verification (PIV) Card. This document, SP 800-166, contains the requirements and test assertions for testing the Derived PIV Application and associated Derived PIV data objects implemented on removable hardware tokens and within mobile devices. The tests reflect the design goals of interoperability and interface functions.
Citation
Special Publication (NIST SP) - 800-166
Report Number
800-166
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.SP.800-166
Local Download

Keywords

authentication, derived PIV application, derived PIV application data model, derived PIV credential, derived test requirements (DTR), FIPS 201, implementation under test (IUT), mobile devices, Personal Identity Verification (PIV), test assertions, token command interface.
Information technology, Federal information processing standards (FIPS), Cybersecurity and privacy and Conformance testing

Citation

Cooper, D. , Ferraiolo, H. , Chandramouli, R. , Ghadiali, N. , Mohler, J. and Brady, S. (2016), Derived PIV Application and Data Model Test Guidelines, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-166, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=920852 (Accessed October 17, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created June 5, 2016, Updated October 14, 2021
Was this page helpful?