零信任技术在高等院校中的应用研究进展
Research Progress on the Application of Zero Trust Technology in Higher Education Institutions
DOI: 10.12677/csa.2026.166226, PDF,    科研立项经费支持
作者: 周 敏, 陈伟杰, 陈泽生*, 冯李春, 陈勇标, 林川行:广州美术学院信息技术中心,广东 广州
关键词: 零信任高等院校网络安全访问控制身份管理Zero Trust Higher Education Institutions Cybersecurity Access Control Identity Management
摘要: 随着高等教育数字化转型的持续深化,云计算、移动办公与物联网技术的普及使得高校网络边界日趋模糊,传统基于物理边界的静态防护体系已难以适配开放多元的校园网络环境,更无法应对高频化、复杂化的网络攻击威胁,教育行业已成为全球网络攻击的重点受害领域,零信任安全范式为破解高校网络安全困境提供了核心解决方案。本文系统梳理了零信任技术的理论演进、核心原则与架构体系,结合高等院校的网络安全特性与场景化需求,全面解析了零信任技术在高校领域的全球应用进展、典型落地场景与国内外标杆实践案例,深入剖析了当前高校零信任建设的核心瓶颈与挑战。
Abstract: With the continuous deepening of the digital transformation of higher education, the popularization of cloud computing, mobile office and Internet of Things technologies has made the network perimeter of universities increasingly blurred. The traditional static protection system based on physical perimeter can no longer adapt to the open and diversified campus network environment, let alone cope with the high-frequency and sophisticated cyber attack threats. As a result, the education sector has become a key victim of global cyber attacks, while the Zero Trust security paradigm provides a core solution to address the cybersecurity dilemma of colleges and universities. This paper systematically sorts out the theoretical evolution, core principles and architecture system of Zero Trust technology. Combined with the cybersecurity characteristics and scenario-based requirements of higher education institutions, it comprehensively analyzes the global application progress, typical implementation scenarios, and domestic and international benchmark practice cases of Zero Trust technology in the higher education field, and deeply dissects the core bottlenecks and challenges of current Zero Trust construction in colleges and universities.
文章引用:周敏, 陈伟杰, 陈泽生, 冯李春, 陈勇标, 林川行. 零信任技术在高等院校中的应用研究进展[J]. 计算机科学与应用, 2026, 16(6): 268-276. https://doi.org/10.12677/csa.2026.166226

参考文献

[1] 中国信通院CAICT. 中国信通院发布《零信任发展研究报告(2023年)》 [R/OL]. 2023-08-28.
https://mp.weixin.qq.com/s/xdNw_Xb2obUu6E1nhB1sSg, 2025-11-19.
[2] 美国国家标准与技术研究院, 美国商务部. 《NIST零信任架构(正式版)》 [R/OL].
https://mp.weixin.qq.com/s/5oQgaoBxKU9FYeWIvg9P0Q, 2026-04-10.
[3] 张嘉伟, 蒋亚丽, 王进. 基于UEBA的零信任安全体系架构设计与实现[J]. 信息安全与通信保密, 2024(11): 71-84.
[4] 赵敏, 瞿康健. 零信任架构及其技术应用研究综述[J/OL]. 信息网络安全: 1-18.
https://link.cnki.net/urlid/31.1859.TN.20260319.1852.002, 2026-06-17.
[5] 秦文远, 安宁. 基于零信任架构的线上培训安全平台研究[J]. 网络安全与数据治理, 2025, 44(5): 10-16.
[6] (2023) Zero Trust Maturity Model Version 2.0. Cybersecurity and Infrastructure Security Agency, Cybersecurity Division.
https://www.cisa.gov/zero-trust-maturity-model
[7] NSTAC (2022) Zero Trust and Trusted Identity Management.
https://www.cisa.gov/sites/default/files/publications/NSTAC%20Report%20to%20the%20President%20on%20Zero%20Trust%20and%20Trusted%20Identity%20Management%20%2810-17-22%29.pdf
[8] National Security Agency (2021) Embracing a Zero Trust Security Model. National Security Agency.
https://cloudsecurityalliance.org/zt/resources/embracing-a-zero-trust-security-model
[9] 中国信息通信研究院, 奇安信科技集团股份有限公司. 网络安全先进技术与应用发展系列报告——零信任技术[R/OL].
https://pdf.dfcfw.com/pdf/H3_AP202008141398426442_1.pdf, 2026-05-07.
[10] 云计算与大数据研究所. 《零信任发展洞察报告(2024)》正式发布! [R/OL].
https://mp.weixin.qq.com/s/KApA0efglDE2P0cw75Ldbg, 2025-11-19.
[11] SentinelOne (2026) Cybersecurity in Higher Education: Risks, Best Practices & Frameworks. SentinelOne.
https://www.sentinelone.com/cybersecurity-101/cybersecurity/cybersecurity-in-higher-education/
[12] Microsoft Security (2026) What Is Zero Trust Architecture?
https://www.microsoft.com/en-us/security/business/security-101/what-is-zero-trust-architecture
[13] Kerman, A., Souppaya, M., Scarfone, K., et al. (2022) Implementing a Zero Trust Architecture: 1800-35E. National Institute of Standards and Technology.
[14] 张文柱, 石亚坤, 高杜梅. 边云协同下的计算卸载与资源分配策略[J]. 计算机工程与科学, 2026, 48(3): 398-410.
https://kns.cnki.net/KCMS/detail/detail.aspx?dbcode=CJFQ&dbname=CJFDAUTO&filename=JSJK202603003
[15] 曾宇. 基于零信任架构的信息化系统数据访问控制与安全隔离技术[J]. 电子元器件与信息技术, 2025, 9(3): 163-166.
[16] 张宇南, 洪超, 杨祎巍, 等. 基于零信任网络安全的身份验证与授权的新型架构研究[J]. 网络安全技术与应用, 2025(7): 19-23.
[17] 金志刚, 林亮成, 陈旭阳. 行为异常检测技术在零信任访问控制中的应用[J]. 信息安全研究, 2024, 10(10): 921-927.
[18] Rohann@Checkpoint.Com (2025) Global Cyber Attacks Surge 21% in Q2 2025—Europe Experiences the Highest Increase of All Regions.
https://blog.checkpoint.com/research/global-cyber-attacks-surge-21-in-q2-2025-europe-experiences-the-highest-increase-of-all-regions/
[19] (2026) Zero-Trust Security Market Size, Share, Growth, and Industry Analysis.
https://www.industryresearch.biz/market-reports/zero-trust-security-market-108775
[20] Viano, A. (2026) Why Are Universities Slow to Adopt Zero Trust?
https://edtechmagazine.com/higher/article/2024/07/why-are-universities-slow-adopt-zero-trust
[21] Chris Liou, N. (2025) Network Security in Higher Ed: The Importance of Zero Trust.
https://www.ecampusnews.com/cybersecurity/2025/07/16/network-security-in-higher-ed-the-importance-of-zero-trust/
[22] OKTA (2026) Etude okta: Le zéro trust à l’agenda des conseils d’administration, son adoption ayant augmenté de 500%.
https://www.globalsecuritymag.fr/Etude-Okta-Le-Zero-Trust-a-l,20220919,130010.html
[23] 贾万祥, 张平华. 零信任架构下的智慧校园安全性实测技术[J/OL]. 鄂州大学学报, 2024, 31(1): 99-101, 112.
[24] 殷浩翔. 面向智慧视听的省级平台网络安全防护体系研究与应用——以“视听四川”平台为例[J]. 广播电视信息, 2026, 33(3): 79-82.
[25] 张震. 零信任API网关在高校网络运维中的应用[J]. 无线互联科技, 2024, 21(23): 69-72, 93.
[26] 网宿科技x清华大学|构建高校零信任安全接入体系[EB/OL]. 2022-10-13.
https://www.wangsu.com/news/content/news/3112, 2026-04-13.
[27] 厦门大学x网宿SASE: 重塑百年学府安全边界[EB/OL]. 2025-09-11.
https://www.wangsu.com/news/content/productupdates/4009, 2026-04-07.
[28] 河南科技大学: 零信任助力降本增效护安全, 满足数字化转型安全建设需求[EB/OL]. 2022-12-07.
https://www.sangfor.com.cn/case/1670231025432, 2026-04-13.
[29] 校园远程访问体验与安全双重升级[EB/OL]. 2026-03-31.
https://xxzx.xidian.edu.cn/info/1396/4183.htm, 2026-04-15.