Policy-Conditioned Constrained Decoding for Column-Level Access Control in Text-to-SQL
Jul 15, 2026
Researchers introduce PCC-SQL, a method that enforces column-use policies during text-to-SQL decoding by applying per-token logits masking, which deterministically prevents policy violations. The approach achieves a 0% leakage rate and up to 88.7% coverage on the Spider-CU benchmark, with minimal increase in token usage compared to direct prompting. The method is evaluated across three benchmarks and three open-source models, and also assesses semantic alignment with execution accuracy.
Why it matters: This work provides a deterministic solution to enforcing column-level access control in text-to-SQL systems, addressing a key security concern in real-world deployments.
Full story at: arXiv Computation and Language ↗