TLS Handshake Network Diagram for Hospital Management System

Tech architecture infographic titled "TLS Handshake" using PROTOCOL HANDSHAKE archetype, adapted for a non-technical executive audience. Show a clear left-to-right numbered exchange with labeled boxes and arrows: Client Browser, DNS Resolver, Web Server / API Gateway, Certificate Authority, Session Cache, Application Server, Database, Message Queue, Generic Cloud Network. Each box must include a simple icon, a canonical English name, and a one-line English role description. Required labeled boxes to include: Browser — 'User client initiating HTTPS connection'; API — 'Server endpoint terminating TLS and forwarding requests'; DB — 'Stores application records and configuration'; Cache — 'Keeps resumable session parameters and temporary data'; Queue — 'Asynchronous internal job delivery'. Add supporting boxes where technically accurate for TLS: DNS Resolver — 'Resolves domain to IP address'; Certificate Authority — 'Trust anchor that issues server certificates'; Application Server — 'Processes business logic after secure channel setup'. Connect all boxes with directional arrows and short English labels describing what crosses. Use technically correct TLS 1.3 style flow: Browser to DNS Resolver labeled 'DNS query'; DNS Resolver to Browser labeled 'IP address'; Browser to API labeled 'TCP SYN'; API to Browser labeled 'TCP SYN-ACK'; Browser to API labeled 'TCP ACK + ClientHello'; API to Browser labeled 'ServerHello + Certificate + Finished'; Browser to API labeled 'Finished'; Browser to API labeled 'HTTPS GET / JSON request'; API to Cache labeled 'Session lookup'; Cache to API labeled 'Session hit / miss'; API to Application Server labeled 'Decrypted HTTP request'; Application Server to DB labeled 'SELECT / INSERT row'; DB to Application Server labeled 'Query result'; Application Server to Queue labeled 'Async job event'; Queue to Application Server labeled 'Delivery status'; Application Server to API labeled 'JSON response'; API to Browser labeled 'HTTPS 200 OK'; optional thin trust relation from Certificate Authority to Browser labeled 'Trusted root chain'. Make the TLS handshake visually primary, with post-handshake app flow shown as secondary internal processing. Add a numbered legend 1-7 in English: 1. 'Browser resolves the server domain and opens a TCP connection.' 2. 'ClientHello starts TLS and proposes supported cipher suites.' 3. 'ServerHello returns chosen parameters and the certificate chain.' 4. 'Browser validates the certificate and both sides complete TLS 1.3 key exchange.' 5. 'An encrypted HTTPS request is sent through the secure channel.' 6. 'The API checks cache, calls application logic, and reads or writes the database.' 7. 'The server returns an HTTPS 200 OK response and may publish async work to the queue.' Include a small neutral note for accuracy: 'Conceptual illustration, not an audited security architecture.' Visual style: editorial developer-blog illustration, isometric or flat tech-diagram style, vector-clean infographic layout. Color palette: green terminal palette with dark background, neon green accents, soft mint highlights, muted gray infrastructure boxes, subtle grid, crisp high-contrast arrows. Overall mood: modern, trustworthy, technical but executive-friendly, clean and understandable, not overly dense. Use generic cloud icons only, no vendor branding. All text MUST be written in English (array). Every heading, label, caption, legend and metric name in the image must be in English — not English. Spell each English word correctly using English characters and diacritics. Numbers stay as digits, no real cloud-vendor logos (AWS / GCP / Azure) — use generic cloud icons, no watermarks No real cloud-vendor logos (AWS, GCP, Azure) beyond generic cloud icons. Common protocol names (HTTPS, TCP, JWT, OAuth, REST, GraphQL) stay in canonical English form. No security-claim overstatements (do not present diagrams as audited reference architectures).