Misuse Case Scenario Library

Purpose: Pre-built fixture patterns for adversarial review targeting HIPAA/PCI/SOX/FedRAMP/GDPR compliance risks.

How to Use

  1. Pick 3–5 patterns relevant to the context’s regulated_domains + data_classes
  2. For each pattern, produce a fixture patch with at least one manifest assertion
  3. If the manifest doesn’t expose a needed declaration, propose a spec/manifest addition

A. Identity, Authentication, Authorization

MC-AUTHZ-001 — Privilege escalation via role mismatch

Risk: User gains access to protected resource without appropriate role/purpose. (HIPAA/GDPR/FedRAMP/SOX)

- id: "MC-AUTHZ-001"
  title: "Deny access when actor lacks required role/purpose"
  category: misuse_case
  requirement_ref: "SEC-001"
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "security.authorization.enforced"
        op: equals
        value: true
      - id: "MA-002"
        path: "security.authorization.default_deny"
        op: equals
        value: true
    audit_events: []
  given: "An actor is authenticated but has insufficient privileges."
  when: "The actor attempts to access a protected operation."
  then: "Access is denied and the denial is auditable."

MC-AUTH-002 — Session/token replay

Risk: Stolen token reused beyond allowed lifetime. (FedRAMP/GDPR/PCI)

- id: "MC-AUTH-002"
  title: "Reject expired or revoked tokens"
  category: misuse_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "security.sessions.max_lifetime"
        op: exists
      - id: "MA-002"
        path: "security.tokens.revocation_supported"
        op: equals
        value: true
    audit_events: []
  given: "An actor presents a valid but expired/revoked token."
  when: "The actor attempts to access any protected resource."
  then: "Access is denied with appropriate error."

MC-AUTH-003 — Break-glass misuse (healthcare)

Risk: Emergency override used without justification/audit trail. (HIPAA)

- id: "MC-AUTH-003"
  title: "Break-glass requires justification and audit"
  category: misuse_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "security.break_glass.enabled"
        op: exists
      - id: "MA-002"
        path: "security.break_glass.requires_justification"
        op: equals
        value: true
    audit_events: []
  given: "An actor invokes break-glass emergency access."
  when: "No justification is provided."
  then: "Access is denied or justification is captured before proceeding."

B. Auditability, Traceability, Non-repudiation

MC-AUDIT-001 — State change without audit event

Risk: Mutations occur with no audit trail. (HIPAA/SOX/FedRAMP/PCI)

- id: "MC-AUDIT-001"
  title: "Every state change is auditable"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "audit.enabled"
        op: equals
        value: true
      - id: "MA-002"
        path: "audit.immutable"
        op: equals
        value: true
    audit_events: []
  given: "A valid actor performs a state-changing operation."
  when: "The operation completes (success or failure)."
  then: "An audit event is recorded with actor, action, object, outcome."

MC-AUDIT-002 — Audit log tampering

Risk: Actor can delete/alter audit evidence. (SOX/FedRAMP)

- id: "MC-AUDIT-002"
  title: "Audit logs are tamper-resistant"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "audit.storage.append_only"
        op: equals
        value: true
      - id: "MA-002"
        path: "audit.retention.locked"
        op: exists
    audit_events: []
  given: "An actor with elevated privileges attempts to modify audit logs."
  when: "Any delete/update operation is attempted on audit storage."
  then: "Operation is denied; audit log integrity is preserved."

C. Data Protection: HIPAA/GDPR/PCI

MC-DATA-001 — Sensitive data in logs (PII/ePHI/PCI)

Risk: PII/ePHI leaks into logs, metrics, traces. (HIPAA/GDPR/PCI/FedRAMP)

- id: "MC-DATA-001"
  title: "Sensitive data is redacted from logs"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "logging.redaction.enabled"
        op: equals
        value: true
      - id: "MA-002"
        path: "observability.pii_scrubbed"
        op: equals
        value: true
    audit_events: []
  given: "A request contains PII/ePHI/PCI data."
  when: "The request is logged or traced."
  then: "Sensitive data is redacted or masked in all outputs."

MC-DATA-002 — Storage without encryption at rest

Risk: Regulated data stored unencrypted. (HIPAA/GDPR/FedRAMP/PCI)

- id: "MC-DATA-002"
  title: "Regulated data encrypted at rest"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "data_protection.encryption.at_rest"
        op: equals
        value: true
      - id: "MA-002"
        path: "key_management.kms"
        op: exists
    audit_events: []
  given: "Regulated data is stored in any persistence layer."
  when: "Data is written to storage."
  then: "Data is encrypted using approved algorithms and key management."

MC-DATA-003 — Missing encryption in transit

Risk: Data transmitted over plaintext or weak TLS. (HIPAA/GDPR/FedRAMP/PCI)

- id: "MC-DATA-003"
  title: "All data encrypted in transit"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "data_protection.encryption.in_transit"
        op: equals
        value: true
      - id: "MA-002"
        path: "network.tls.minimum_version"
        op: exists
    audit_events: []
  given: "Data is transmitted between components."
  when: "Any network communication occurs."
  then: "TLS 1.2+ is enforced with approved cipher suites."

MC-GDPR-001 — No lawful basis for personal data

Risk: Processing personal data without declared lawful basis. (GDPR)

- id: "MC-GDPR-001"
  title: "Personal data processing has lawful basis"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "privacy.lawful_basis"
        op: exists
      - id: "MA-002"
        path: "privacy.purpose_limitation.enforced"
        op: equals
        value: true
    audit_events: []
  given: "Personal data is processed."
  when: "Any operation touches personal data."
  then: "Processing is traceable to a declared lawful basis and purpose."

MC-GDPR-002 — DSAR not supported

Risk: Cannot fulfill data subject access/erasure requests. (GDPR)

- id: "MC-GDPR-002"
  title: "Data subject requests are supported"
  category: boundary_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "privacy.dsar.supported"
        op: equals
        value: true
    audit_events: []
  given: "A data subject submits an access or erasure request."
  when: "The request is received by the system."
  then: "System can fulfill the request within regulatory timeframes."

MC-PCI-001 — PAN handling controls absent

Risk: Payment account data stored/handled without controls. (PCI DSS)

- id: "MC-PCI-001"
  title: "PAN data has appropriate controls"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "data_classes"
        op: exists
      - id: "MA-002"
        path: "pci.tokenization.enabled"
        op: exists
    audit_events: []
  given: "Payment account numbers are handled."
  when: "PAN data enters the system."
  then: "Data is tokenized or encrypted; raw PAN never stored."

D. Change Management & Supply Chain (SOX/FedRAMP)

MC-SOX-001 — Unapproved change to financial control path

Risk: Changes to financial systems without approvals. (SOX)

- id: "MC-SOX-001"
  title: "Changes require documented approval"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "governance.change_control.required"
        op: equals
        value: true
      - id: "MA-002"
        path: "governance.approvals.required"
        op: exists
    audit_events: []
  given: "A change is proposed to a controlled system."
  when: "The change is deployed."
  then: "Deployment only proceeds with documented approval evidence."

MC-SUPPLY-001 — Dependency risk not declared

Risk: Untracked third-party libs, unclear SBOM posture. (FedRAMP)

- id: "MC-SUPPLY-001"
  title: "Dependencies are tracked and scanned"
  category: invariant_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "supply_chain.sbom.enabled"
        op: equals
        value: true
      - id: "MA-002"
        path: "supply_chain.dependency_scanning.enabled"
        op: equals
        value: true
    audit_events: []
  given: "The system includes third-party dependencies."
  when: "Dependencies are used at runtime."
  then: "All dependencies are inventoried and scanned for vulnerabilities."

E. Availability & Abuse (FedRAMP)

MC-ABUSE-001 — No rate limiting

Risk: Credential stuffing, DoS, API abuse.

- id: "MC-ABUSE-001"
  title: "API endpoints are rate-limited"
  category: boundary_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "security.rate_limit.enabled"
        op: equals
        value: true
      - id: "MA-002"
        path: "security.bruteforce_protection.enabled"
        op: equals
        value: true
    audit_events: []
  given: "An actor sends excessive requests."
  when: "Request rate exceeds threshold."
  then: "Requests are throttled or blocked; abuse is logged."

MC-ABUSE-002 — Unsafe input paths

Risk: SQL injection, command injection, template injection.

- id: "MC-ABUSE-002"
  title: "Input validation prevents injection"
  category: misuse_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "security.input_validation.policy"
        op: exists
      - id: "MA-002"
        path: "security.output_encoding.enabled"
        op: exists
    audit_events: []
  given: "An actor submits malicious input."
  when: "Input is processed by the system."
  then: "Malicious patterns are rejected or sanitized."

F. LLM-specific

MC-LLM-001 — Prompt injection

Risk: User-controlled text changes system behavior / exfiltrates secrets.

- id: "MC-LLM-001"
  title: "Prompt injection defense is enabled"
  category: misuse_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "llm.prompt_injection_defense.enabled"
        op: equals
        value: true
      - id: "MA-002"
        path: "llm.tools.allowlist.enforced"
        op: equals
        value: true
      - id: "MA-003"
        path: "llm.secrets.redaction.enabled"
        op: equals
        value: true
    audit_events: []
  given: "User provides adversarial prompt content."
  when: "Content is processed by LLM."
  then: "System behavior remains within allowed bounds; secrets not exposed."

MC-LLM-002 — Tool misuse without confirmation

Risk: LLM triggers destructive actions without approval.

- id: "MC-LLM-002"
  title: "High-impact LLM actions require approval"
  category: misuse_case
  stimulus:
    kind: manifest_only
  observables:
    manifest_assertions:
      - id: "MA-001"
        path: "llm.high_impact_actions.require_human_approval"
        op: equals
        value: true
      - id: "MA-002"
        path: "llm.tool_permissions.scoped"
        op: equals
        value: true
    audit_events: []
  given: "LLM attempts a destructive operation (delete/export)."
  when: "No explicit human approval is present."
  then: "Operation is blocked pending approval."

Standardize these keys for easier assertion:

# Governance
regulated_domains: []
data_classes: []
governance:
  change_control:
    required: true
  approvals:
    required: ["security", "compliance"]

# Security
security:
  authorization:
    enforced: true
    default_deny: true
  rate_limit:
    enabled: true
  input_validation:
    policy: "strict"

# Audit
audit:
  enabled: true
  immutable: true
  storage:
    append_only: true

# Data Protection
data_protection:
  encryption:
    at_rest: true
    in_transit: true

# Logging
logging:
  redaction:
    enabled: true

# LLM
llm:
  prompt_injection_defense:
    enabled: true
  tools:
    allowlist:
      enforced: true
