That sounds like a great way to DoS yourself. While I'm sure it could be
achieved, probably in a pretty messy way, I don't think it's a good idea
and seems to me like way over the top security. Especially because sure,
you might be able to protect against CQL "attacks" via triggers (ugh) - but
if they have CQL access they could just drop the trigger (yes it requires
superuser, but I don't think that's sufficient protection). Anyway, even if
you do manage to achieve some kind of obscure protection in CQL you won't
be able to protect against internode attacks, or better yet, an attacker
just dumping a bunch of crafted SSTables in your data directories. Better
yet, using sstableloader to achieve the same on all nodes. You should focus
on locking down your client machines and nodes, as if they get access to
either I assure you they'll find a way around whatever security solution
you hack into C*.
