关键词: 零信任架构, 数字安全屏障, 动态身份治理, 数据主权, 政策驱动

Abstract: Amid the wave of digital transformation, the traditional boundarybased network security model is increasingly ineffective in dynamic and border less environments. The United States has taken the lead in restructuring its cybersquatting system through a systematic zerotrust strategy, and its trinity practice path of “policytechnologyecology” is of reference significance for China to build a digital security barrier. This paper uses case analysis and policy comparison methods to deeply analyze the toplevel design logic, core technological breakthrough points, and ecological coordination mechanisms of the U.S. zerotrust strategy, revealing its essence of transitioning from “passive protection” to “active immunity”. Based on a deep diagnosis of the complexity of China’s ultralargescale network ecosystem, the shortcomings in the autonomy of core technologies, and the challenges of data sovereignty governance, this paper proposes a Chinesestyle “fourdimensional integrated” implementation path: breaking the fragmented dilemma with systematic toplevel design; breaking through technological bottlenecks with the integration of national cryptography and AIdriven technologies; building a security ecosystem with costsharing and standard leadership through governmententerprise collaboration; and addressing implementation limitations with scenario classification and privacy enhancement. The study emphasizes that China needs to innovate on the basis of reference, take zero trust as an important engine for building a digital security barrier, and balance the needs of security protection with the development of the digital economy.

Key words: zero trust architecture, digital security barrier, dynamic identity governance, data sovereignty, policydriven