Is it possible to allow a stored procedure to be called only from a particular application or from an application running from a specific location?

I suggest use SQL Database role security and add one DB role for your app like application_users then grant all EXEC rights on the stored proc(s) and/or dependent UDF functions plus SELECT,INSERT,UPDATE,DELETE to all tables/views and objects to linked to this SP.

Then you add only SQL or NT logins to application_users comming from that network segment so nothing else can access that SP other than SA.

How would I go about adding only SQL or NT logins that come from a particular place? When you say 'particular network segment', what exactly are you referring to?

"Is it possible to allow a stored procedure to be called only from a particular application or from an application running from a specific location?"

Well I guess my answer is direct for the first part of your question as that "particular application " should (idealy) have its own login to the database right? If you impersonate users then you would add all those users to the new application_users database role (you can call it whatever you want) and only they can run that SP right?

As far as network segments and IP trafic you can selectively block (incomming/outgoing) port 1433 (or whatever port you use for your SQL) traffic in the firewall right?

I see, your intent was to use the firewall to control access to the SQL server.  My ultimate goal is to allow users to access the data through an application that calls the stored procedures, but to prevent a programmer from writing an unapproved application that can be used to access the data.