The invention discloses a file security control and trace method and system based on digital fingerprints. The method includes the file uploading procedure and the file downloading procedure. In the file uploading procedure, when a user uploads files to a file server, the file server starts a natural language analysis program and conducts full-context scanning and matched analysis on file contexts, a position where the digital fingerprints can be inserted is found, a fingerprint feature position list is generated, the fingerprint feature position list and original files are stored in the file server together, the uploading and downloading record list is generated, and information uploaded this time is recorded. In the file downloading procedure, when the user sends a file downloading request to the file server, the file server generates binary random codes with the same length according to the length of the fingerprint feature position list, when the random code corresponding position is 1, the digital fingerprints are inserted in the contexts at the corresponding position, a new file is generated and sent to the user, and meanwhile the downloaded information is recorded in the uploading and downloading record list. By means of the method and system, the context files can be traced back, and the security of the context files is managed.