Nowadays, with the increasingly development of network technology and increasingly enrichment of business types of different fields (e.g. the internet-based financial transaction field), there is an increasingly growing demand for the data storage system and method used for the security information interaction, therefore, the security data storage system and method become more and more important.
Typically, the existing security data storage systems (for example, in the applications which adopt the authentication technology such as a digital certificate based on public key cryptography system, a dynamic password or the like, a USBKey is usually used to store the digital certificate and associated key pair) include the following two implementation approach: (1) both a user password and an unlock password are used in the security data storage system (including a security data storage device), said user password is used for authenticating the identity of the user of the security data storage device, and said unlock password is used for unlocking the security data storage device (when the number of times that the error user passwords are entered continuously reach a predetermined number of times, said security data storage device is locked automatically), so as to cause said user password to recovery to an initial state, wherein, the user password of said security data storage device is initialized by the manufacturer and can be reset by the user, whereas the unlock passwords are all the same (for example, the USBKeys belonging to the same batch have the same unlock passwords); (2) the initialization and reset of the user password are not supported (for example, the PIN code is not supported) in the security data storage system, i.e., once the security data storage device is locked, the user must use a new security data storage device (e.g. the USBKey) and re-download new security information data (such as the digital certificate).
However, the first implementation approach described above has the following problems: due to the unlock passwords are all the same, once the unlock password has been divulged, then any security data storage device can be unlocked, thus there exist largely potential security risks.
The second implementation approach described above has the following problems: the use cost of the user increases (for example, once the security data storage device is locked, a new security data storage device needs to be used), and the complexity of use is significantly increased (for example, to re-download new security information data).
Therefore, there exists the needs for providing a data storage system and method used for the security information interaction, which have the high degree of security and are convenient and easy to use.