The article is right in its understanding of the need and possibilities of making solutions that eliminate the trade-offs between business objectives and security requirements of all involved.

But the suggested solution of an "Oracle" is 10 years outdated as it represents a cheap copy of Microsoft Passport - one central all-knowing entity to trust with all the power in the world. It is 100% untrustworthy and will face the same problems.

That Google and MS Live Id are now - again - competing for the same position change nothing.

The needs are the same - create an identity layer for the digital world that ensure accountability in the transaction but at the same time ensure that citizens have control of referability of data WITHOUT having to trust some un-trustworthy entity.

The technologies are there starting with anonymisers such as TOR (of course NOT a single proxy-anonymiser) and secure payments such as Digital Cash (of course NOT a one-time-only credit card) etc.

Some of the tougher issues lies in securing biometrics - as we can of course NOT exchanging non-revocable data keys such as hashed fingerprint templates as that would be security destructive.

These technical issues are all theoretically solved, but needs to be built together into rather complex identity mechanisms that has to deal with the critical balances and dynamics of linking the physical world securely into the virtual digital world.

That target is not some soft privacy, but battling issues such as identity theft and scalable security breaches with strong fallback mechanisms on all layers providing defenses in depth.

Usability is a key issues as no technical solution can work unless it is easily understandable and usable. Therefore we need to mimic human perceptions of context rather then the traditional systemic approaches.

What we need to do - and ARE doing in the research side - is to build the semantic resolution of security for open interoperability. We are involved in this in the HYDRA project.

There are NO trade-offs - they are all man-made and can and must be undone to secure and build trust in the digital transactions and services.

The biggest challenge is to regain common sense in the political scare-rethoric and self-destructive overreactions to 9/11 that are not improving but worsening security.

And then of course help markets to overcome the greed ambitions of some larger players that play the percentages in their favor instead of making sustainable and security-improving solutions.

Rmemeber one simple thing - the digital world is 100% man-made - here we control even gravity, but we get what we aim for.