Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-166

Derived PIV Application and Data Model Test Guidelines

Date Published: June 2016


David Cooper (NIST), Hildegard Ferraiolo (NIST), Ramaswamy Chandramouli (NIST), Nabil Ghadiali (National Gallery of Art), Jason Mohler (Electrosoft Services), Steven Brady (Electrosoft Services)



authentication; derived PIV application; derived PIV application data model; derived PIV credential; derived test requirements (DTR); FIPS 201; implementation under test (IUT); mobile devices; Personal Identity Verification (PIV); test assertions; token command interface
Control Families

Identification and Authentication


Download URL

Supplemental Material:
None available

Related NIST Publications:
ITL Bulletin

Document History:
06/06/16: SP 800-166 (Final)