Connecting the world and beyond

Year in Review 2025

Interregional Training Course on ITU International Standards: Data Protection (X.1220/X.nspam) and Passwordless Authentication (X.1280)

​​​​​​​​BACKGROUND

This training program provides a comprehensive three-day curriculum on two international security standards—Storage Protection (X.1220/X.nspam) and Passwordless Authentication (X.1280)—along with related free software for use in healthcare institutions and B2C online service environments.

Participants will gain both theoretical knowledge and practical experience in storage protection technologies that defend against ransomware and data exfiltration, as well as passwordless authentication technologies that prevent phishing attacks. The program ensures that participants acquire hands-on skills applicable to real-world environments. (Non-developers can also participate in the Day 1 and Day 2 morning practical sessions.)

​PROGRAM OBJECTIVES

    • Storage Protection (X.1220/X.nspam): Understand and apply storage security technologies that prevent data tampering and leakage caused by ransomware and malware.
    • Passwordless Authentication (X.1280): Understand and apply passwordless mutual authentication technologies that protect user accounts from phishing attacks.
    • Experiential Learning: Strengthen competencies in data and account protection by directly installing and integrating Storage Protection Software (for data security) and Passwordless X1280 software (for account security).​​​

CURRICULUM BY DAY

Day 1 – Storage Protection (X.1220 & X.nspam)

Subtitle: Theory and Practice of Storage Protection for Preventing Data Exfiltration and Responding to Ransomware

Pre-requirements:​

  • ​​​Laptop (Windows 11 recommended) – Mac is also supported, but training will primarily be based on Windows

Details:

Morning Theory :

  • ​Understanding international storage protection standards X.1220 and X.nspam​
  • Introduction to X.1220 and X.nspam technologies
  • Overview of the ProtectMedicalData Initiative and global collaborations
  • Demonstration and hands-on experience with folder-level storage protection software and application-level storage protection software​​

Afternoon Practice:

  • Understanding international storage protection standards X.1220 and X.nspam
  • Introduction to X.1220 and X.nspam technologies
  • Overview of the ProtectMedicalData Initiative and global collaborations
  • Demonstration and hands-on experience with folder-level storage protection software and application-level storage protection software​​

 ​

Day 2 – Pass​wordle​ss Authentication (X.1280) Part 1

Subtitle: Overview and Theoretical Application of Passwordless Authentication Based on International Standards

Pre-requirements:

  • Laptop (Windows 11 or Mac)
  • Smartphone
  • GitHub account

Details:

Morning Theory:

  • Introduction to the international standard X.1280
  • Overview of the Passwordless Alliance and global collaborations
  • User-level experience with Passwordless X1280

Afternoon Theory + Practice:

  • Team formation and AWS environment setup
  • Understanding X.1280 server architecture and Docker image installation training
  • Reviewing sample code on GitHub and preparing the environment
  • Hands-on practice session

 

Day 3 – Passwordless Authentication (X.1280) Part 2 (Web developer skillset required)

Subtitle: Advanced Configuration and Practical Application of Passwordless X1280

Details:

Morning Practice:

  • Configuring and testing the Passwordless X1280 server
  • Integrating the mobile app with the server
  • Connecting sample services to the Passwordless X1280 server
  • Running user registration and approval scenarios

​ Afternoon Application & Wrap-Up:

  • ​Group project: Designing a “Targeted Model Combining Storage Protection + Passwordless Authentication"
  • Team presentations and discussions
  • Instructor feedback & Q&A
  • Program summary, evaluation, and completion ceremony

Note; For each technology, two dedicated instructors will lead the training: one will give the lecture, while the other will serve as an on-site interpreter and assistant instructor. n addition, for the Passwordless authentication training, each team will need two AWS VMs for two days.​

ABOUT THE PARTNERSHIP

​Organized by:

International Telecommunication Union (ITU)


Telecommunication Technology Association (TTA) Republic of Korea​


Passwordless Alliance

RESOURCES

FOCAL POINT

​​Mr. Calvin Chan
Programme Administrator
calvin.chan@itu.int

Mr. Farid Nakhil
Programme Coordinator
farid.nakhli@itu.int

© ITU All Rights Reserved

Back to top