TLDRocket
Sign in

AI Security & Privacy

1 summarised story about AI Security & Privacy, each linking back to the original source. Browse all topics →

Thursday, 16 July 2026

Policy-Conditioned Constrained Decoding for Column-Level Access Control in Text-to-SQL

arXiv cs.CL 18 hours ago

Researchers developed PCC-SQL, a system that enforces column-level access control policies in text-to-SQL models by applying per-token logits masking during decoding to prevent policy violations. The system achieved 0% leakage rate and 88.7% coverage on the Spider-CU benchmark while adding less than 10% computational overhead compared to direct prompting. This approach enables safer deployment of text-to-SQL systems across trust boundaries by deterministically preventing unauthorized column access based on how columns are used, not just their presence.