Question about Centralized/Decentralized key storage.

I have run into a little dilemma here. After reading the sections on key management/key lifecycles in both the passport book and the exam cram book, I have taken notice of something.

The passport book states that decentralized storage is less secure and more scalable than centralized.

The exam cram book states that centralized storage is more scalable.

It makes sense to me that decentralized security would be more scalable as it can adhere to large numbers of people, but I believe centralized storage can also be scalable in that you only need one server to support multiple people.

Which book is correct, and what are your opinions?

Thanks!

Find more posts tagged with

SAVE $250 on Your CompTIA Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CompTIA Boot Camps

Comments

Webmaster

but I believe centralized storage can also be scalable in that you only need one server to support multiple people.

But there 'is' a limit to what one server can support. If a database can be stored decentralized, it's no longer limited to the capacity of one server, and hence more scalable. Centralized key storage is primarily 'more manageable'. Centralized storage can be considered more scalable if you consider the fact that additional systems that support the use of the centralized database can be added more easily (rather than having to configure local storage on the additional systems). In general I'd go with the passport version.