US2016366127A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016366127-A1 |
| Application number | US-201415121490-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 6, 2014 |
| Priority date | Mar 6, 2014 |
| Publication date | Dec 15, 2016 |
| Grant date | — |
Official abstract text for this publication.
The invention relates to a method for providing an Authentication Module (AM) to a device. The method comprises computing an authentication parameter to be stored in the AM, using an identifier (ID) associated with the device, authentication data associated with the device and an encryption parameter associated with the device. The method also comprises providing the AM to the device. The invention also relates to a method for updating an AM and to a method to authenticate a device using an AM. The invention further relates to a device and network node executing the methods.
Opening claim text (preview).
1. A method, executed in a network node, for providing an Authentication Module (AM) to a device, comprising the steps of: computing an authentication parameter to be stored in the AM, using an identifier (ID) associated with the device, authentication data associated with the device and an encryption parameter associated with the device; and providing the AM to the device.
2. The method of claim 1, further comprising the steps of: receiving a request for the AM from the device; receiving a request for the ID from the device; providing the ID to the device; and providing the ID and the authentication parameter to a database for subsequent authentication use.
3. The method of claim 2, wherein the request comprises at least one of: the ID associated with the device, the authentication data associated with the device and the encryption parameter associated with the device and wherein the authentication data comprises at least one of: an authentication sequence, a user data, a vendor data and a service provider data.
4. (canceled)
5. The method of claim 1, wherein the authentication parameter is computed using an Advanced Encryption Standard (AES) algorithm taking as inputs a concatenation of the ID, the authentication data associated with the device and the encryption parameter associated with the device, wherein the concatenation of the ID and the authentication data associated with the device used for computing the authentication parameter is in the form of a string generated using Basic Encoding Rules (BER) and wherein the computed authentication parameter is stored as an Operator Variant Algorithm Configuration Field (OP) parameter in the AM.
6. (canceled)
7. (canceled)
8. The method of claim 1 wherein the authentication parameter of the AM is set to empty, to a dummy value, to a default value or to the computed authentication parameter, before providing the AM to the device, when the device has capabilities to compute the authentication parameter.
9. The method of claim 1 wherein the authentication parameter of the AM is set to the computed authentication parameter, before providing the AM to the device, when the device has no capabilities to compute the authentication parameter.
10. The method of claim 1 wherein, prior to being provided to the device, the AM is encrypted using the encryption parameter associated with the device, wherein the AM is provided to the device by sending the AM from the network node to the device or by enabling a download of the AM from the network node, or the AM is transferred from the network node to a portable data repository and the AM is uploaded from the portable data repository to the device by wired or by short range wireless transmission.
11. (canceled)
12. (canceled)
13. (canceled)
14. (canceled)
15. The method of claim 10 wherein the database is a Home Subscriber System (HSS), wherein the network node is operative to execute a Bootstrapping Server Function (BSF) and wherein the network node executing the BSF is operative to communicate with a Home Subscriber System (HSS).
16. (canceled)
17. (canceled)
18. The method of claim 1 wherein the ID and the authentication data are stored in the AM.
19. The method of claim 1 wherein the device is a Machine-to-Machine (M2M) communication device or a user equipment (UE).
20. The method of claim 1 wherein the ID is an Internet Protocol (IP) Multimedia Subsystem (IMS) Private Identity (IMPI) and wherein the AM is a virtual Subscriber Identity Module (vSIM).
21. (canceled)
22. The method of claim 1, further for updating the AM of a device, further comprising the steps of: computing a new authentication parameter to be stored in the AM, using the ID associated with the device, updated authentication data associated with the device and the encryption parameter associated with the device; and providing the updated authentication data to the device.
23. The method of claim 22 further comprising the steps of: receiving a request for the updated AM from the device; providing the new authentication parameter to the device; and providing the ID and the new authentication parameter to a database for subsequent authentication use.
24. (canceled)
25. (canceled)
26. A method, executed in a device, for authenticating the device using an Authentication Module (AM), comprising the steps of: sending an authentication request to a network node; receiving a response comprising a random string and a verification code; computing an expected verification code using the random string and an authentication parameter stored in the AM; and authenticating the device responsive to determining that the received verification code corresponds to the expected verification code; wherein the authentication parameter stored in the AM is computed using an identifier (ID) associated with the device, authentication data associated with the device and an encryption parameter associated with the device.
27. The method of claim 26 wherein the authentication parameter stored in the AM is an Operator Variant Algorithm Configuration Field (OP) parameter, wherein the random string is a random string of numbers, wherein the verification codes are Media Authorization Codes (MACs) and wherein the network node is a Bootstrapping Server Function (BSF) in communication with an Home Subscriber System (HSS) operative to provide a copy of the authentication parameter associated with the device to the network node for computation of the expected verification code.
28. (canceled)
29. (canceled)
30. (canceled)
31. A method for generating an authentication parameter for an Authentication Module (AM), comprising the step of: computing an authentication parameter to be stored in the AM, using an identifier (ID) associated with a device, authentication data associated with the device and an encryption parameter associated with the device.
32. The method of claim 31 wherein the ID and the authentication data are stored in the AM.
33. The method of claim 31 wherein the authentication parameter is computed using an Advanced Encryption Standard (AES) algorithm taking as inputs a concatenation of the ID and the authentication data associated with the device and the encryption parameter associated with the device and wherein the authentication parameter stored in the AM is an Operator Variant Algorithm Configuration Field (OP) parameter.
34. (canceled)
35. The method of claim 31, wherein the AM is stored in a repository of the device and wherein the AM is stored in at least two different files in the repository of the device.
36. (canceled)
37. A network node for providing an Authentication Module (AM) to a device comprising: a processor; and a memory, said memory containing instructions executable by said processor, whereby said network node is operative to: compute an authentication parameter to be stored in the AM, using an identifier (ID) associated with the device, authentication data associated with the device and an encryption parameter associated with the device; and provide the AM to the device.
38. The network node
Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title
Authentication · CPC title
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
Subscriber identity · CPC title
Protecting application or service provisioning, e.g. securing SIM application provisioning · CPC title