Which protocol is used to facilitate secure authorization and access to resources across sites without requiring users to share their passwords?

OAuth is designed specifically to enable secure authorization and access to resources across different services without necessitating the sharing of user passwords. It allows users to grant third-party applications limited access to their resources without exposing their credentials. This is achieved through the use of tokens, which the applications can use to access user data on behalf of the users themselves.

When a user wants to access a service that requires data from another service (such as accessing a Google account from a third-party app), OAuth facilitates this interaction through a secure token exchange. The user is redirected to the authentication service (like Google), where they can log in and approve the request. After approval, the service issues an access token, which the third-party application can use to make requests to access protected resources.

In contrast, protocols like Diameter, LDAPS, and RADIUS focus on user authentication and directory service access, but they do not inherently allow the delegation of access in the way OAuth does. Diameter and RADIUS are primarily used for authentication and accounting in network access, while LDAPS is primarily for secure directory services access. None of these protocols provide the same level of secure delegated access that OAuth does through the token-based authorization model.