Development of a MySQL Sandbox for processing SQL statements: Case of DML and DDL statements

Abstract

This research developed the MySQL Sandbox, a secured environment for processing SQL queries. It was implemented as a RESTful web service having three services - sandbox database creation, SQL statement processing and sandbox database resetting. It supports the simultaneous processing of multiple SQL statements from multiple users in multiple databases. It uses question identification (ID) and student ID to create separate databases for each student using the MySQL feature to manage the user's privileges of their own database. Every service returns a result in the JSON format, which is easy to understand. This MySQL Sandbox is the first tool to support judging DDL statements and complex DML statements. Existing SQL grading systems have limitations on the number of supported SQL statements because they are concerned about risks from some sensitive SQL statement, such as DDL and DML statements, other than the SELECT statement. This sandbox will help eliminate the security concerns that obstruct the development and improvement of SQL grading systems, while providing a greater freedom of learning query to students, which will help them improve their own skills in three dimensions i.e., database query, database administration and database programming.