You can't parameterise table or column names. You'll have to build up the string with those values in (and beware SQL injection vulnerabilities)
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability