The invention provides a security protection method and system for a light-weight database, and relates to the technical field of information security. The method includes the steps that firstly, a user has access to the database through a database access agency; secondly, the database access agency verifies the security of a running platform where a client-side is located through a remote authentication platform before responding to the operation conducted by the user on the database; thirdly, the database must be decoded before the operation conducted by the user is responded due to the fact that the database is a ciphertext database; fourthly, the running platform where the database is located needs to verify the security of the running platform before the database is decoded, if the running platform is safe, decoding is conducted on the database and the user operation is conducted, and the database is encoded and stored again after the operation is completed. The system comprises a remote authentication subsystem and a database encoding protection subsystem. After the method and system are adopted, the security of the database can be enhanced, the security of the running platform where the client-side is located and the security of the running platform where the database is located are verified before the user has access to the database, and therefore the potential safety hazards caused by undemanding identity authentication and the platforms which may have been broken through can be avoided.