This Paper aims to build a maturity model of data sovereignty security capability for evaluating the state of a country’s data sovereignty security capability and proposing improvement strategies for weak links, so as to provide intellectual support for the formulation of relevant standards in the future. Based on the standards of the capability maturity model and related research results, the three-dimensional structure of the model, with the analytic hierarchy process, is determined, the key process areas are identified, the capability dimension is constructed, and the maturity level is determined. The study found that the maturity model of data sovereignty security capability consists of three key process areas, namely, "local data storage", "cross-border data flow" and "extraterritorial jurisdiction of data", five capability dimensions , namely, "cultural education", "technical tools", "policy strategies", "organizational construction", and "legislation and judiciary", and five maturity levels, namely, "initial level", "development level", "necessary level", "sufficiency level" and "optimization level". In which the capability dimension includes 19 components, which are the basis for describing the 29 key practices required by the capability maturity level.