Skip to content

An authorization framework built on top of OAuth to improve privacy for web applications.

License

Notifications You must be signed in to change notification settings

dsc-umass/XAuth

 
 

Repository files navigation

XAuth - Improving Privacy for Web Applications

Build Status License Design Document

Traditionally the OAuth protocol has had no specific privacy preserving mechanisms or options to help users not give away their private information or try to stay anonymous on services. XAuth is an implementation of OAuth that tries to preserve user's privacy while still giving the third party application an anonymous hashed ID to which the application associated all the user attributes to. A specific example of this is a news site who doesn't need to know you are but needs to know attributes such as paid or unpaid subscrober. Some more upcoming features of XAuth include having the ability to share your information if the user feels they want to share their information and also being able to choose what part of their information can be shared such as name, age, email.

XAUth also has a mail proxy server hoste on the identity provider end to porxy email requests from the application to the user to allow for a higher level of security and anonymity.

About

An authorization framework built on top of OAuth to improve privacy for web applications.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 99.1%
  • Go 0.9%