Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures