A Hierarchy of Knowledge for the Formal Analysis of Security-Sensitive Business Processes