Multiple Sites, One checkout/cart

We have a grand plan of creating a network of sites where all products and the cart will be driven off of the main site, but there are 3 other sites where users could potentially add products to their cart. The checkout process and order history/user login would all be housed at the main site. Our concern is that cross site scripting for domains and SSLs will completely render the sessions invalid. How do we have 1 site run the products, cart and user system, and display and share the cart session across 4 sites (all separate domains)