13

Several databases I am familiar with provide functions or modules for encryption. Examples include dbms_crypto for Oracle databases and built-in functions for MySQL.

Most of the commonly used programming languages have cryptography libraries available.

From a security perspective, are there any issues that would lead to choosing one over the other? Is one method highly preferable over the other?

AviD

3 Answers

6

The algorithms provided are almost the same. The choice would depend on your use cases. Some things to consider:

  1. If the encryption is on the server side, consider encryption at the client side to avoid cleartext transmission over the wire.
  2. Decide on reversible or non-reversible encryption based on the type of data.
  3. In the case of non-reversible encryption, is the hashing just to avoid tampering, or is it used for subsequent comparison?
Akber Choudhry
  • Another consideration is the type of application. I would not recommend encrypting data for storage in a Windows desktop application because it means making the key available to all machines / users. – pipTheGeek Dec 07 '12 at 16:53
3

If you want to do encryption, then the data to encrypt and the key used for encryption will need to be transferred to the machine which does the job. If you do the encryption on the front-end, then you do not have to "trust" the database, but this may make things more complex if you have multiple front-ends. If you do the encryption on the database, then a hostile hijack of the database will leave you naked; e.g. successful SQL injection attacks are even more devastating.

Generally speaking, if you want to make a security distinction between doing the crypto on the front-end or on the database, then you have to imagine a scenario where one is compromised and not the other. Conversely, if you consider both machines to be "equally robust", then your question is about performance only.

Thomas Pornin
-1

I think that with encryption in the webapp we have some separation, which can aid security. Mainly, if you hacked the db you have the data, but now you have to hack our app to decrypt the data. With db crypto we have a single point of failure. Plus, if you need some info about a signature/encryption in your application, you would choose application-level encryption.

damiankolasa
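An added example, not taken from any of the answers, of the application-side option that Thomas Pornin's and damiankolasa's answers describe: the application encrypts with AES-GCM before the INSERT, so the key and the plaintext never appear in SQL and a dump of the table yields only ciphertext. It assumes the third-party `cryptography` package; SQLite stands in for the database server, and the table, column and function names are hypothetical.

```python
import os
import sqlite3
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumption: in production this key comes from a secret store that only the
# application tier can reach. It is generated here so the example runs offline.
APP_KEY = AESGCM.generate_key(bit_length=256)

def open_db():
    db = sqlite3.connect(":memory:")  # stand-in for the separate database server
    db.execute("CREATE TABLE cards (id INTEGER PRIMARY KEY, pan_enc BLOB NOT NULL)")
    return db

def store_pan(db, row_id, pan):
    nonce = os.urandom(12)  # fresh 96-bit nonce for every record
    aad = str(row_id).encode()  # binds the ciphertext to its row id
    blob = nonce + AESGCM(APP_KEY).encrypt(nonce, pan.encode(), aad)
    # Only the opaque blob crosses into SQL; key and plaintext stay in the app.
    db.execute("INSERT INTO cards (id, pan_enc) VALUES (?, ?)", (row_id, blob))

def load_pan(db, row_id):
    row = db.execute("SELECT pan_enc FROM cards WHERE id = ?", (row_id,)).fetchone()
    blob = row[0]
    try:
        plain = AESGCM(APP_KEY).decrypt(blob[:12], blob[12:], str(row_id).encode())
    except InvalidTag:
        raise ValueError(f"row {row_id}: ciphertext modified or moved") from None
    return plain.decode()

def dump_table(db):
    # Everything a database-only compromise (for example SQL injection) can read.
    return db.execute("SELECT id, pan_enc FROM cards ORDER BY id").fetchall()

if __name__ == "__main__":
    db = open_db()
    store_pan(db, 1, "4111111111111111")  # constructed test values
    store_pan(db, 2, "5555555555554444")
    print(dump_table(db))   # ids plus opaque bytes, no card numbers
    print(load_pan(db, 1))  # the application, holding APP_KEY, can read it
    # Database-side tampering: copy row 1's ciphertext over row 2.
    db.execute("UPDATE cards SET pan_enc = (SELECT pan_enc FROM cards WHERE id = 1) WHERE id = 2")
    try:
        load_pan(db, 2)
    except ValueError as exc:
        print(exc)
```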