Detection Model for Docker Trusted Image Source
    Abstract:

    Docker images are the basis on which Docker containers run. Because robust methods of image security detection remain to be developed, containers are subject to various security threats during their operation, such as container escape and denial-of-service attacks. To avoid the use of toxic images, this study proposes a detection model for trusted Docker image sources, named Detect Trusted Docker Image Source (DTDIS). The model uses the virtual trusted cryptography module (vTCM) to build an image benchmark database, which is used to detect whether a local image file has been tampered with. It extends the Clair image scanner with a parent image vulnerability database to avoid repeated scanning. File measurement information and vulnerability scanning information are then used together to determine whether the Docker image source is credible. Experiments in a cloud environment demonstrate that the proposed model can effectively evaluate the security of Docker images and ensure that users use trusted images.

Get Citation

Li Xiaohan, Zhang Xinyou. Detection Model for Docker Trusted Image Source. Computer Systems & Applications, 2022, 31(12): 301-308

History
  • Received: March 17, 2022
  • Revised: April 14, 2022
  • Online: July 14, 2022