Secure Integration of Third-Party Code in SaaS

In today’s digital landscape, where data is considered to posses significant value, the preservation and safeguarding of personal information are crucial. With the enforcement of the General Data Protection Regulation (GDPR) in the European Union and associated countries, businesses need to prioritize the anonymity and protection of user data. One such vital instrument that has emerged to address this regulatory requirement is the Information Anonymizer. This tool is indispensable for organizations that seek to harmonize data utility with privacy preservation. However, while a one-size-fits-all approach may work for many, the diverse nature of enterprises and the varied data structures they employ necessitate customizable solutions. This presents a unique challenge: securely integrating third-party code into the Information Anonymizer. Such integration allows tailoring to specific customer needs, ensuring both regulatory compliance and data usability. The internship’s goal is to securely combine customer-specific extensions while maintaining a standardized, one-size-fits-all foundation. By the conclusion of the internship, a comprehensive compilation of security requirements and associated solutions is expected to be produced. Each solution presented in this paper should be checked against the established security requirements.