encryption – Is centralized key management better or decentralized key management better to prevent attacks on database level?


I was planning to start a project that’s sort of like a hybrid mix of banking system and commercial system.

In such case, considering that I need to encrypt the data at database level with a prevention of both insider’s and outsider’s attack on database as it happens to me data leakage happens quite often..

What are the recommended type of key management to do so and the reason behind it?