Mandatory security and object-oriented systems : a multilevel entity model and its mapping onto a single-level object model