Derived PIV Application and Data Model Test Guidelines

Cooper, David; Ferraiolo, Hildegard; Chandramouli, Ramaswamy; Ghadiali, Nabil; Mohler, Jason; Brady, Steven

doi:https://doi.org/10.6028/NIST.SP.800-166

NIST SP 800-166

Derived PIV Application and Data Model Test Guidelines

Documentation Topics

Date Published: June 2016

Author(s)

David Cooper (NIST), Hildegard Ferraiolo (NIST), Ramaswamy Chandramouli (NIST), Nabil Ghadiali (National Gallery of Art), Jason Mohler (Electrosoft Services), Steven Brady (Electrosoft Services)

Abstract

NIST Special Publication (SP) 800-157 contains technical guidelines for the implementation of standards-based, secure, reliable, interoperable Public Key Infrastructure (PKI)-based identity credentials that are issued for mobile devices by federal departments and agencies to individuals who possess and prove control over a valid Personal Identity Verification (PIV) Card. This document, SP 800-166, contains the requirements and test assertions for testing the Derived PIV Application and associated Derived PIV data objects implemented on removable hardware tokens and within mobile devices. The tests reflect the design goals of interoperability and interface functions.

Keywords

authentication; derived PIV application; derived PIV application data model; derived PIV credential; derived test requirements (DTR); FIPS 201; implementation under test (IUT); mobile devices; Personal Identity Verification (PIV); test assertions; token command interface

Control Families

Identification and Authentication

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-166
Download URL

Supplemental Material:
None available

Related NIST Publications:
ITL Bulletin

Document History:
06/06/16: SP 800-166 (Final)

Topics

Security and Privacy

authentication, Personal Identity Verification, public key infrastructure

Technologies

mobile

Laws and Regulations

Federal Information Security Modernization Act, Homeland Security Presidential Directive 12