The present invention relates to a device and a method for authorizing a user to get access to content stored in encrypted form on a storage medium(10), said storage medium storing a machine-readable medium identifier(id) and at least one key table(KL) encrypted by use of a key table key(KLK) and storing at least one asset key(AK) for decrypting encrypted content(C). In order to allow a user to provide access to the content to other users in a simple but secure way, a device is proposed comprising: - a connection means(6) for connecting said device to a network(3), - a drive(5) for accessing said storage medium(10), in particular for reading content(C) and said medium identifier(id) from said storage medium(l0), and - a transmitter(7) for transmitting said medium identifier(id) and a user identifier(ui) of a user, who shall be authorized to get access to said content(C) and who is identified to said network(3) by said user indentifier(ui), to an authentication unit(AuC) within said network(3), said medium identifier(id) and said user identifier(ui) being used by said authentication unit(AuC) for generating a key table key(KLK) for said user enabling said user to decrypt at least one predetermined key table(KL). |