#StackBounty: #server #cloud-computing #whitelist What are the benefits of using IP whitelists to secure cloud servers/resources?

Bounty: 50

Consider the following scenario:

  • There is a “server” (e.g. database, API, etc) that is “in the cloud” (i.e. hosted on physical hardware that is physically distant from the clients and reachable only by IP through the public internet).
  • The server only processes requests that provide valid credentials (e.g. password, access token, SSH key, etc.). It can be assumed that this authentication mechanism is “sufficiently secure”. (i.e. an outside without knowledge of the credentials would not be able to fabricate credentials via reasonable brute force)
  • The server is expected to only serve requests to a small list of clients that are pre-known. Each client sends its traffic from a fixed public IP address that is pre-known to the server.

What security benefits are providing by configuring an IP whitelist on the server? What types of attacks become impossible or more difficult based on the configuration of an IP whitelist on the server?

Get this bounty!!!